Score:2

Why FF2 Format Preserving Encryption Fails

br flag

I have just seen that there are 3 feistel based FPE schemes which were proposed FF1,FF2 and FF3( There might be many more). Although there have been different attacks on FF1 and FF3 standard that show that it does not preserve 128 bit security they are still used in practice with recommended changes.

What reason made FF2 fail completely and to be rejected from 2015 to be used any further?

Maarten Bodewes avatar
in flag
It's explained in a 3 page paper [here](https://eprint.iacr.org/2015/306.pdf), which is directly referenced by NIST SP 800 38G as direct reason why it doesn't provide 128 bits of security. It's pretty comprehensive, but please, if anybody can explain it in even fewer words, we would welcome the answer. Apparently NIST got warned by the NSA.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.