Jump to content

Talk:Format-preserving encryption

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Purplie (talk | contribs) at 20:29, 25 March 2010. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Why does the article state "FFSEM is restricted to digits only and the field length must be between nine and nineteen digits", when the referenced ffsem-spec.pdf says that "We do not recommend the use of FFSEM on sets smaller than 2^32"? --Purplie (talk) 00:24, 24 March 2010 (UTC)[reply]

What is FCEM? This is not defined.

I don't think the statement "FPE is NOT an approved MODE of the AES algorithm" makes any sense, since some particular constructions may be approved or considered secure while others are not. —Preceding unsigned comment added by Purplie (talkcontribs) 23:13, 23 March 2010 (UTC)[reply]

I removed the "PCI DSS" section for two reasons. Reason the first - The section seemed largely out of place in an article that is otherwise fairly centered on a current type of cryptography being investigated. Including a section about PCI - which is not a cryptographic standard in and of itself and references other standards for support - was distracting and unnecessary IMO. And reason the second - the accepted use of a cryptographic method to satisfy a PCI requirement is entirely up to the discretion of the assessing entity (a QSA in PCI parlance). With information presented in this article and in other easily searchable locations (like the Rogaway, Black, Bellare, Ristenpart etc. papers) can lead a QSA to form an opinion one way or the other. Furthermore, given Visa's recent acceptance of the format preserving methods in its published DFE practices (http://corporate.visa.com/_media/best-practices.pdf), it looks like at least one card brand will allow the use of this method for the very purpose of meeting certain PCI requirements. Absaroke (talk) 21:20, 19 October 2009 (UTC)absaroke[reply]

Anyone else think the organization of this article is a bit schizophrenic? I think we might want to look at some of the other crypto articles and organize it a little more logically? The various FPE constructions and modes should be put into a sub-section, not as individual sections from the root of the article. Anyone else have thoughts? It might be nice to keep the intro, keep the motivation section, maybe add/consolidate a history or summary section of FPE research/methods, then go into the different constructions, and since all good crypto articles include cryptanalysis, we should add that...any thoughts? Absaroke (talk) 21:30, 19 October 2009 (UTC)absaroke[reply]

Is "Format-preserving Encryption" really a widely-used name for this idea? It's misleading because it sounds like a special case, when really it's a more general case (with regular block ciphers being the special case).

Retrieved from "https://en.wikipedia.org/enwiki/w/index.php?title=Talk:Format-preserving_encryption&oldid=352034014"