1. Technical Field
The present invention generally relates to an apparatus and method for providing a Feistel-based variable length block cipher and, more particularly, to an apparatus and method for providing a Feistel-based variable length block cipher for format-preserving encryption that encrypts data such that ciphertext has the same format as plaintext.
2. Description of the Related Art
In order to preserve the confidentiality of messages, the encryption of messages is essential, and for this, various types of block ciphers, such as Advanced Encryption Standard (AES) and Academy, Research Institute, Agency (ARIA), have been used.
However, in existing block ciphers, the sizes of input/output blocks are preset, so that if specific format data, such as a resident registration number, a card number, or an account number, is encrypted, the format of the data is changed depending on the preset block size. That is, in a database (DB) for storing a resident registration number, a card number, or an account number, ciphertext in which data is encrypted must have a format identical to that of a resident registration number, a card number, or an account number so that the management of ciphertext is facilitated, but existing block ciphers do not support such a format.
Generally, encryption that causes plaintext and ciphertext to have the same format is called Format-Preserving Encryption (FPE). Here, the formats of plaintext and ciphertext may be regarded as domains to which the plaintext and the ciphertext belong.
In this way, technology for converting plaintext belonging to any domain into ciphertext belonging to the same domain includes several methods implemented using block cipher-based operation mode types. However, such typical methods must operate a block cipher 10 or more times to encrypt a piece of data, thus deteriorating efficiency.
Further, to desirably manage a Database Management System (DBMS), there is a need to output ciphertext having the same encoding format when plaintext having a specific encoding format is encrypted.
As related preceding technology, Korean Patent Application Publication No. 2007-0013344 describes encoding-format preserving encryption/decryption using any symmetric key encryption algorithm. However, such technology cannot be applied to normal symmetric key encryption algorithms (such as AES, ARIA and SEED algorithms) other than stream ciphers.
As another related preceding technology, Korean Patent No. 1315683 discloses technology devised to use any symmetric key encryption algorithm, but is disadvantageous in that a symmetric key encryption algorithm is used together with a stream cipher, thus making it possible to forge data.