Press Release Summary:
NIST Special Publication 800-38G, Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption, specifies two techniques, called FF1 and FF3, for "format-preserving encryption," or FPE. While the main commercial impetus for developing these techniques is credit card number encryption, another potential application is the anonymizing of personally identifiable information from databases, particularly those containing sensitive medical information.
Original Press Release:
New NIST Security Standard Can Protect Credit Cards, Health Information
For many years, when you swiped your credit card, your number would be stored on the card reader, making encryption difficult to implement. Now, after nearly a decade of collaboration with industry, a new computer security standard published by the National Institute of Standards and Technology (NIST) not only will support sound methods that vendors have introduced to protect your card number, but the method could help keep your personal health information secure as well.
NIST Special Publication (SP) 800-38G, Recommendation for Block Cipher Modes of Operation: Methods for Format-Preserving Encryption, specifies two techniques for “format-preserving encryption,” or FPE. The publication addresses a longstanding issue in many software packages that handle financial data and other forms of sensitive information: How do you transform a string of digits such as a credit card number so that it is indecipherable to hackers, but still has the same length and look—in other words, preserves the format—of the original number, as the software expects?
According to author Morris Dworkin, the new techniques are more suitable for this purpose than NIST’s previously approved encryption methods, which were designed only for binary data – the frequently lengthy strings of 1s and 0s used by computers. But because financial software – used in card readers and billing, for example – often expects a credit card number to be the typical 16 digits long, encountering a lengthier encrypted number might cause problems in the software. The new FPE method works on both binary and conventional (decimal) numbers—in fact, sequences created from any “alphabet” of symbols—and it produces a result with the same length as the original.
“An FPE-encrypted credit card number looks like a credit card number,” Dworkin says. “This allows FPE to be retrofitted to the existing, installed base of devices.”
The two FPE techniques, called FF1 and FF3 in the new publication, were vetted during public comment periods on the standard in 2009 and 2013.
While the main commercial impetus for developing these techniques is credit card number encryption, another potential application is the “anonymizing” of personally identifiable information from databases, particularly those containing sensitive medical information. Databases of this sort are invaluable for researching the effects of different treatment methods on diseases, for example, but they often use social security numbers to identify individual patients and can contain other personal information. FPE encryption could handle this problem as well, though Dworkin stresses that in this case the approach would not necessarily be foolproof.
“FPE can facilitate statistical research while maintaining individual privacy, but patient re-identification is sometimes possible through other means,” he says. “You might figure out who someone is if you look at their other characteristics, especially if the patient sample is small enough. So it’s still important to be careful who you entrust the data with in the first place.”
NIST SP 800-38G is available online at http://dx.doi.org/10.6028/NIST.SP.800-38G.
The National Institute of Standards and Technology (NIST) is an agency of the U.S. Department of Commerce.