eSPF: A Family of Format-Preserving Encryption Algorithms Using MDS Matrices

The construction SPF, presented in Inscrypt-2016 was the first known SPN based format-preserving encryption algorithm. In this work, we significantly improve its performance and flexibility. We term this new construction as eSPF. Unlike SPF, all the basic transformations of eSPF are defined under the field Fp. This allows us to use a MDS matrix instead of the binary matrix used in SPF. The optimal diffusion of MDS matrix leads to an efficient and secure design. However, this change leads to violations in the message format. To mitigate this, we propose a discarding algorithm to drop the symbols that are not the elements of the format thus preserving it. We also present a concrete instantiation of eSPF for digits and its comparison with existing FPE algorithms like FFX and SPF. The performance analysis shows that the proposed design is at least 15 times faster than FFX for most of the practical applications.