ANSI X9.124-5:2021, Symmetric Key Cryptography for the Financial Industry - Format Preserving Encryption.
The American National Standard (ANS) X9.124, Format Preserving Encryption, defines a collection of methods for encrypting data strings so that the length and the character set of the ciphertext are the same as those of the plaintext. This is called format-preserving encryption (FPE). These methods are useful in situations where fixed-format data, such as Primary Account Numbers (PANs) or Social Security Numbers (SSNs), must be encrypted, but there is a requirement to limit changes to existing communication protocols, database schemata or application code.
Part 1 of this standard (Reference 1) includes a set of definitions common to all FPE techniques, a security model for FPE block cipher techniques, and a description of the pseudocode language used in defining the mode specified in this document.
This document, part 5 of the Standard, defines requirements for using the AES or TDEA block cipher to perform FPE using a format-preserving Feistel-based mode known as FF3.1, which is part of the FFX family. The FFX method is a family of format-preserving block ciphers. FFX stands for Format-preserving Feistel-based where the X reflects a specific algorithm.
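The format-preserving property described above can be seen in a small alternating Feistel network over character strings. This is an added illustration, not the FF3.1 algorithm and not text from the standard: the HMAC-SHA256 round function, the round count and the names `fpe_encrypt` and `fpe_decrypt` are assumptions, and the key and 16-digit string are constructed sample values.

```python
import hashlib
import hmac

DIGITS = "0123456789"
ROUNDS = 8  # round count chosen for this sketch (assumption)

def _to_int(s, alphabet):
    n = 0
    for ch in s:
        n = n * len(alphabet) + alphabet.index(ch)
    return n

def _to_str(n, length, alphabet):
    out = []
    for _ in range(length):
        n, d = divmod(n, len(alphabet))
        out.append(alphabet[d])
    return "".join(reversed(out))

def _prf(key, rnd, half, out_len, radix):
    # Keyed round function. HMAC-SHA256 is a stand-in (assumption), not the
    # block-cipher-based round function that FF3.1 specifies.
    msg = f"{rnd}|{radix}|{out_len}|{half}".encode()
    return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest(), "big") % radix ** out_len

def _split(text, alphabet):
    if len(text) < 2 or any(ch not in alphabet for ch in text):
        raise ValueError("input must be at least 2 characters, all from the alphabet")
    u = (len(text) + 1) // 2
    return text[:u], text[u:]

def fpe_encrypt(key, text, alphabet=DIGITS):
    a, b = _split(text, alphabet)
    radix = len(alphabet)
    for rnd in range(ROUNDS):
        m = len(a)
        # Modular addition keeps the result inside the same m-character domain.
        c = (_to_int(a, alphabet) + _prf(key, rnd, b, m, radix)) % radix ** m
        a, b = b, _to_str(c, m, alphabet)
    return a + b

def fpe_decrypt(key, text, alphabet=DIGITS):
    a, b = _split(text, alphabet)
    radix = len(alphabet)
    for rnd in reversed(range(ROUNDS)):
        m = len(b)
        # Undo one round: subtract the same PRF output and swap the halves back.
        c = (_to_int(b, alphabet) - _prf(key, rnd, a, m, radix)) % radix ** m
        a, b = _to_str(c, m, alphabet), a
    return a + b

if __name__ == "__main__":
    print(fpe_encrypt(b"constructed demo key", "4111111111111111"))  # constructed inputs
```

The output has the same length and alphabet as the input, so it fits an existing fixed-width numeric column. The mapping is deterministic for a given key, so equal plaintexts produce equal ciphertexts.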
2 Purpose
The purpose of this standard is to provide an approved method for implementing the Format-Preserving Encryption — Feistel-Based, mode 3 (FF3.1) of format-preserving encryption (FPE).
3 Normative references
The following referenced documents are indispensable for the application of this part of ANS X9.124. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
1. ANS X9.124-1:2018, Symmetric Key Cryptography for the Financial Services Industry — Format Preserving Encryption — Part 1: Modes Definitions and Model (Ballot note — Anticipate publishing in 2018)
2. ASC X9 SD-34, Registry of Approved Cryptographic Resources for Financial Services Industry Standards, Registry Item 00002, Advanced Encryption Standard.
3. NIST Special Publication 800-67 Revision 2, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher
4 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
4.1 AES
The Advanced Encryption Standard (AES) specifies a block cipher with a 128-bit wide block and 128-bit, 192-bit and 256-bit keys. AES is defined in FIPS 197, which is referenced in ASC X9 SD-34, item 00002.
4.2 ASCII
The American Standard Code for Information Interchange (ASCII) is a fixed scheme for mapping characters into single-byte values that can be stored in computer memory.
4.3 alphabet
An alphabet is a finite, nonempty set of characters.
4.4 block
A block is a fixed-length sequence of binary bits.
4.5 block cipher
A block cipher is a keyed cryptographic algorithm that operates as a permutation over a set of fixed-length binary strings. Ideally, a block cipher acts as a set of pseudorandom permutations indexed by the key.
4.6 BPS
BPS is an abbreviation for Brier-Peyrin-Stern, the original name for FF3.1.
4.7 character (or digit)
A character or digit is an element of some alphabet.