Evaluation of Format- Preserving Encryption Algorithms for Critical Infrastructure Protection

Legacy critical infrastructure systems lack secure communications capabilities that can protect against modern threats. In particular, operational requirements such as message format and interoperability prevent the adoption of standard encryption algorithms. Three new algorithms recommended by the National Institute of Standards and Technology (NIST) for format-preserving encryption could potentially support the encryption of legacy protocols in critical infrastructure assets. The three algorithms, FF1, FF2 and FF3, provide the ability to encrypt arbitrarily-formatted data without padding or truncation, which is a critical requirement for interoperability in legacy systems. This paper presents an evaluation of the three algorithms with respect to entropy and operational latency when implemented on a Xilinx Virtex-6 (XC6VLX240T) FPGA. While the three algorithms inherit the security characteristics of the underlying Advanced Encryption Standard (AES) cipher, they exhibit some important differences in their performance characteristics.

[1]  Robert Mills,et al.  ADS-B encryption: confidentiality in the friendly skies , 2013, CSIIRW '13.

[2]  Bart Preneel,et al.  Topics in Cryptology — CT-RSA 2002 , 2002, Lecture Notes in Computer Science.

[3]  Christof Paar,et al.  An FPGA-based performance evaluation of the AES block cipher candidate algorithm finalists , 2001, IEEE Trans. Very Large Scale Integr. Syst..

[4]  Phillip Rogaway,et al.  A Synopsis of Format-Preserving Encryption , 2010 .

[5]  Sean W. Smith,et al.  YASIR: A Low-Latency, High-Integrity Security Retrofit for Legacy SCADA Systems , 2008, SEC.

[6]  Tim Good,et al.  AES on FPGA from the Fastest to the Smallest , 2005, CHES.

[7]  Juan Soto,et al.  Randomness Testing of the AES Candidate Algorithms , 1999 .

[8]  Mihir Bellare,et al.  Format-Preserving Encryption , 2009, IACR Cryptol. ePrint Arch..

[9]  Dan Boneh,et al.  Advances in Cryptology - CRYPTO 2003 , 2003, Lecture Notes in Computer Science.

[10]  Barack Obama,et al.  Executive Order 13636: Improving Critical Infrastructure Cybersecurity , 2013 .

[11]  Jacques Patarin,et al.  Luby-Rackoff: 7 Rounds Are Enough for 2n(1-epsilon)Security , 2003, CRYPTO.

[12]  Matthew Franklin,et al.  Advances in Cryptology – CRYPTO 2004 , 2004, Lecture Notes in Computer Science.

[13]  Máire O'Neill,et al.  High Performance Single-Chip FPGA Rijndael Algorithm Implementations , 2001, CHES.

[14]  Phillip Rogaway,et al.  How to Encipher Messages on a Small Domain , 2009, CRYPTO.

[15]  Robert K. Abercrombie,et al.  Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop , 2013 .

[16]  Wade Trappe,et al.  Introduction to Cryptography with Coding Theory , 2002 .

[17]  Karen A. Scarfone,et al.  Guide to Industrial Control Systems (ICS) Security , 2015 .

[18]  Michael Luby,et al.  How to Construct Pseudo-Random Permutations from Pseudo-Random Functions (Abstract) , 1986, CRYPTO.

[19]  Shai Halevi Advances in Cryptology - CRYPTO 2009, 29th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 16-20, 2009. Proceedings , 2009, CRYPTO.

[20]  Moni Naor,et al.  On the Construction of Pseudorandom Permutations: Luby—Rackoff Revisited , 1996, Journal of Cryptology.

[21]  Jacques Patarin,et al.  Security of Random Feistel Schemes with 5 or More Rounds , 2004, CRYPTO.

[22]  John Black,et al.  Ciphers with Arbitrary Finite Domains , 2002, CT-RSA.