On Wed, 27 Aug 2008, Eric Rescorla wrote:

At Wed, 27 Aug 2008 17:05:44 +0200,
Philipp Gühring wrote:


I am searching for symmetric encryption algorithms for decimal strings.

Let's say we have various 40-digit decimal numbers:

As far as I calculated, a decimal has the equivalent of about 3,3219
bits, so with 40 digits, we have about 132,877 bits.

Now I would like to encrypt those numbers in a way that the result is a
decimal number again (that's one of the basic rules of symmetric
encryption algorithms as far as I remember).

Since the 132,877 bits is similar to 128 bit encryption (like eg. AES),
I would like to use an algorithm with a somewhat comparable strength to AES.
But the problem is that I have 132,877 bits, not 128 bits. And I can't
cut it off or enhance it, since the result has to be a 40 digit decimal
number again.

Does anyone know a an algorithm that has reasonable strength and is able
to operate on non-binary data? Preferrably on any chosen number-base?

There are a set of techniques that allow you to encrypt elements of
arbitrary sets back onto that set.

The original paper on this is:
John Black and Phillip Rogaway. Ciphers with arbitrary ?nite domains. In
CT-RSA, pages 114?130, 2002.

But he probably wants an encryption scheme, not a cipher.

Also, correct me if I am wrong, but Black and Rogaway's approach is not efficient for large domains. But if you use their approach for small domains then you open yourself up to dictionary attacks.

For a modern proposal to make this a NIST mode, see:


Full Disclosure: Terence Spies, the author of the FFSEM proposal,
works for Voltage, Voltage has a product based on this technology.
and I'm on Voltage's TAB and have done some work for them.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to