The output of a generic encryption algorithm is a fixed length random bit string (the ciphertext) which has no correlation with the plaintext. This is usually not an issue since we do not expect any operation except for the storage or transmission of the encrypted data to be performed. However, in some application scenarios, the format of the ciphertext is relevant. The first problem is the ciphertext expansion, that is the ciphertext may occupy additional bytes than the plaintext. This is definitely an issue if we want to perform in-place encryption. A second problem is the absence of structure in ciphertext bit strings. A possible scenario where this absence is indeed a problem concerns the usage of network devices, known as Deep Packet Inspectors (DPI), which filter the traffic based either on the network protocol or on the content of the packet. In such scenarios, encrypted messages are dropped since they are not valid packets of the target protocol. For instance, DPI are widely used for censorship purposes. For instance, the Chinese government employs a big DPI, the Great Wall of China, to drop all the encrypted packets, since it would not be able to perform an inspection of the content of the packet. To address these issues, the concepts of Format Transforming Encryption (FTE) and Format Preserving Encryption (FPE) have been proposed in the last decade. With FTE/FPE, we manage to get a ciphertext which is no longer a random bit string, but it is formatted according to a user specified format. The difference between FTE and FPE is that in the latter the ciphertext format is equal to the plaintext format.
In this seminar, which is based on 2 talks made by Tom Shrimpton, one of the authors of FTE, during the Real World Crypto and Privacy summer school, we will look at how FTE is achieved and how it can be easily used for FPE too. Moreover, we will analyze the effectiveness and the perfomances of this approach in the context of the 2 problems mentioned above, that is in-place encryption and censorship circumvention.