• Breaking the FF3 format-preserving encryption standard over small domains

Congratulations to F. Betül Durak, a PhD student in the Computer Science department advised by Prof. David Cash!

Betül, together with Serge Vaudenay from EPFL, gave a cryptanalytic analysis to a recent NIST Format-Preserving Encryption standard, FF3. NIST announced the meaning of their result for practice and towards implementing the possible repair of the standard proposed by Betül and Serge.

The proposed attack recovers the entire codebook with a data complexity less than the codebook (using chosen plaintexts) and it is practical for small domains. The work has been accepted to CRYPTO'17.

NIST Announcement: https://beta.csrc.nist.gov/News/2017/Recent-Cryptanalysis-of-FF3