Why FF2 Format Preserving Encryption Fails

Novice_researcher

1/16/23, 7:36 AM

I have just seen that there are 3 feistel based FPE schemes which were proposed FF1,FF2 and FF3( There might be many more). Although there have been different attacks on FF1 and FF3 standard that show that it does not preserve 128 bit security they are still used in practice with recommended changes.

What reason made FF2 fail completely and to be rejected from 2015 to be used any further?

0 + 0

format-preserving

nist

Maarten Bodewes

1/16/23, 10:24 AM

It's explained in a 3 page paper [here](https://eprint.iacr.org/2015/306.pdf), which is directly referenced by NIST SP 800 38G as direct reason why it doesn't provide 128 bits of security. It's pretty comprehensive, but please, if anybody can explain it in even fewer words, we would welcome the answer. Apparently NIST got warned by the NSA.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Why FF2 Format Preserving Encryption Fails

TH: เหตุใดรูปแบบ FF2 ที่รักษาการเข้ารหัสจึงล้มเหลว

RO: De ce eșuează criptarea păstrării formatului FF2

RU: Почему формат FF2 с сохранением шифрования не работает

VI: Tại sao mã hóa bảo toàn định dạng FF2 không thành công

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.