
Tokenization

Format Preserving Encryption


A Case study
Cartes & Identification 2011
08 September 2011



| 08-09-2011 | Cauchie Stéphane
Summary

What is Tokenization in two words
o Definition & Functionalities
o Use cases

How does it work?
o Random Token System
o Format Preserving Encryption

Conclusion
What is tokenization in two words [DEFINITION]

Definition
Tokenization is the process of replacing sensitive data with non-sensitive data (tokens) while respecting the following properties:
o Tokens bear enough information to be useful (e.g. the entity manipulating the token can complete a transaction as if it were the sensitive data).
o Tokens do not compromise security.
o The tokenization system tries to minimize the integration impact on existing infrastructure.
Who offers such a service

What is tokenization in two words [FUNCTIONALITIES]

Functional description of a tokenization system

Conversion (convert sensitive data into a token and vice versa)
Conversion policy (format definition, mode of operation)
Communication channel: authentication, integrity, confidentiality

[Diagram: External System and Tokenization System]

What is tokenization in two words [USE-CASES]

Focusing on payment (but not limited to)


Context:
Sensitive data: PAN
PCI compliance
Use cases:
MOTO
Face2Face

[Diagram: Issuer, Acquirer, CardHolder, Acceptor]

What is tokenization in two words [USE-CASES]

Focusing on payment (but not limited to)


Context:
Sensitive data: PAN
PCI compliance
Use cases:
MOTO
Proximity payment

[Diagram: Issuer, Acquirer, CardHolder, Acceptor; label: E2E-Encryption]

What is tokenization in two words [USE-CASES]

Focusing on payment (but not limited to)


Context:
Sensitive data: PAN
PCI compliance
Use cases:
MOTO
Proximity payment

[Diagram: Issuer, Acquirer, CardHolder, Acceptor; label: Secure MOTO]

What is tokenization in two words [USE-CASES]

Focusing on payment (but not limited to)


Context:
Sensitive data: PAN
PCI compliance
Use cases:
MOTO
Proximity payment

[Diagram: Issuer, Acquirer, CardHolder, Acceptor; label: Process transaction]

Tokenization and Format Preserving Encryption: A Case Study

How does it work? [Objectives-Constraints]

PCI-DSS (Payment Card Industry Data Security Standard):
Security requirements for entities processing card data (processing, transmission and storage)

Objectives:
o Reduce the PCI evaluation perimeter
o Choose a suitable algorithm to tokenize a PAN

Constraints:
o The algorithm must be collision free
o In a certain mode, the algorithm must not be reversible
o In a certain mode, the algorithm must not take secret parameters


How does it work? [RandomToken]

Random Token
Card data are
o ciphered (classic algorithms)
o stored in a database
The system generates an associated token
o The format is respected
o Checks for no collision
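
The random token flow described above, as an added sketch that is not code from the original slides. `seal` and `unseal` stand for whatever classic encryption the deployment uses and are supplied by the caller; the SQLite table, the class and the method names are assumptions of this example.

```python
import secrets
import sqlite3


class RandomTokenVault:
    """Random token system: each row maps a random token to an encrypted PAN."""

    def __init__(self, seal, unseal):
        # seal/unseal: caller-supplied encryption and decryption (assumed names)
        self._seal, self._unseal = seal, unseal
        self._db = sqlite3.connect(":memory:")
        # PRIMARY KEY lets the database itself enforce "no collision"
        self._db.execute(
            "CREATE TABLE vault (token TEXT PRIMARY KEY, sealed_pan BLOB NOT NULL)"
        )

    def tokenize(self, pan: str, max_tries: int = 16) -> str:
        if not (pan.isascii() and pan.isdigit()):
            raise ValueError("PAN must be decimal digits")
        sealed = self._seal(pan.encode())
        for _ in range(max_tries):
            # Format respect: same length, digits only, drawn from a CSPRNG
            token = "".join(secrets.choice("0123456789") for _ in pan)
            if token == pan:
                continue  # a token must never equal the data it replaces
            try:
                with self._db:  # commit on success, roll back on error
                    self._db.execute(
                        "INSERT INTO vault VALUES (?, ?)", (token, sealed)
                    )
                return token
            except sqlite3.IntegrityError:
                continue  # collision with an existing token: draw again
        raise RuntimeError("no free token found; token space too crowded")

    def detokenize(self, token: str) -> str:
        row = self._db.execute(
            "SELECT sealed_pan FROM vault WHERE token = ?", (token,)
        ).fetchone()
        if row is None:
            raise KeyError("unknown token")
        return self._unseal(row[0]).decode()
```

The only link between token and PAN is the database row, which is why every site that must detokenize needs access to the same vault.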


How does it work? [FPE based tokenization]

FPE: Format Preserving Encryption.

Introduced by Brightwell [BS97]
o Encryption scheme with a format preserving property
Format definition is a key point
Follow PCI guidelines:
o you have to differentiate a Token from a PAN
NIST is considering 3 FPE algorithms

[Figure: First introduction of Format Preserving Encryption [BS97]]

Applications:
o Social Security Number
o Credit Card Number


How does it work? [FPE based tokenization]

NIST is considering 3 FPE algorithms


FFX [FFX10]
BPS [BPS10]
FCEM [FCEM10]


How does it work? [Cryptographic-Approach]

Feistel
o Invented by Horst Feistel.
o Round notion
o Input is split in 2
o F: cipher function
o Secret key K
o Key derivation algorithm
o During a round
$A_{i+1} = B_i$
$B_{i+1} = A_i \oplus F_{K_i}(B_i)$
o Example
DES: 16 rounds.


How does it work? [Cryptographic-Approach]

Cryptographic notions
Tweak notion: adds variability to cryptographic schemes
Patarin attack: differentiates a ciphertext from a random string

Feature                   FFX    BPS             FCEM
Feistel based             Yes    Yes             No
#Rounds                   12     8               2
Cipher function           AES    AES/TDES/SHA    AES
#Times function is used   12     8               8
Reversibility             Yes    Yes             Yes
Tweak                     Yes    Yes             No
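
The Feistel round and the tweak notion above, as an added sketch that is not from the original slides and is not FFX, BPS or FCEM. It works on decimal strings and replaces XOR with addition modulo 10^n so the output keeps the input format; HMAC-SHA256 as the one-way round function, the 8 rounds and all function names are assumptions of this example.

```python
import hashlib
import hmac

ROUNDS = 8  # illustrative; kept even so both halves end in their starting positions


def _f(key: bytes, tweak: bytes, i: int, half: str, width: int) -> int:
    """Round function F_{K_i}(B_i): HMAC-SHA256 over (round, tweak, B_i),
    reduced to a `width`-digit number. The round index stands in for key derivation."""
    msg = bytes([i, len(tweak)]) + tweak + half.encode()
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % 10 ** width


def _combine(a: str, f: int, sign: int) -> str:
    """Decimal stand-in for XOR: add (or subtract) modulo 10^len(a)."""
    return str((int(a) + sign * f) % 10 ** len(a)).zfill(len(a))


def _check(digits: str) -> None:
    if not (digits.isascii() and digits.isdigit() and len(digits) >= 2):
        raise ValueError("input must be at least two decimal digits")


def fpe_encrypt(key: bytes, tweak: bytes, digits: str) -> str:
    _check(digits)
    mid = len(digits) // 2
    a, b = digits[:mid], digits[mid:]
    for i in range(ROUNDS):
        # A_{i+1} = B_i ; B_{i+1} = A_i + F_{K_i}(B_i)
        a, b = b, _combine(a, _f(key, tweak, i, b, len(a)), +1)
    return a + b


def fpe_decrypt(key: bytes, tweak: bytes, digits: str) -> str:
    _check(digits)
    mid = len(digits) // 2
    a, b = digits[:mid], digits[mid:]
    for i in reversed(range(ROUNDS)):
        # Undo one round: B_i = A_{i+1} ; A_i = B_{i+1} - F_{K_i}(B_i)
        a, b = _combine(b, _f(key, tweak, i, a, len(b)), -1), a
    return a + b
```

For a fixed key and tweak the mapping is a permutation of the n-digit strings, so it is collision free and needs no lookup database; a deployment would use a reviewed FPE mode rather than this sketch.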


How does it work? [Analysis]

Feature              Random Token         FPE
Multi Site           Difficult            Medium
Key deployment       Medium               Hard
Format preserving    Easy                 Easy
Performance          Low                  Fast
Token/Data link      No (except in DB)    Algorithm


Conclusion [VISION]

Which choice?
[Diagram: Issuer, Acquirer, CardHolder, Acceptor; flows: Process transaction, Secure MOTO, E2E-Encryption; labels: RTS, FPE]


Conclusion

Tokenization in payment context

It allows the reduction of the PCI audit perimeter in a payment application
Waiting for NIST approval.

Depending on use case:

Random Tokenization:
o In case of internal processing

FPE based Tokenization:
o In case of multi site,
o In case of multi-party protocols


Questions ?
References
[BS97] Brightwell, Michael & Smith. Using datatype preserving encryption to enhance data warehouse security. 20th National Information Systems Security Conference, NIST, 1997.
[FFX10] Bellare M, Rogaway P & Spies T. The FFX Mode of Operation for Format Preserving Encryption. 2010.
[BPS10] Brier E, Peyrin T & Stern J. BPS: a Format Preserving Encryption Proposal. Ingenico, 2010.
[FCEM10] Ulf T Mattsson. Format Preserving Encryption Using Datatype Preserving Encryption. 2010.
[SEC2] Certicom Research. SEC2: Recommended Elliptic Curve Domain Parameters. 2000.
[BSGS] D. Shanks. Five number-theoretic algorithms. Proceedings of the Second Manitoba Conference on Numerical Mathematics. 1975.
[RHO] J.M. Pollard. A Monte Carlo method for factorization. 1978.
[CI] Pierrick Gaudry. Algorithmiques des courbes algébriques pour la cryptologie. 2008.
[PCI] Scoping SIG, Tokenization Taskforce, PCI Security Standards Council. PCI-DSS. 2011.

Atos, the Atos logo, Atos Consulting, Atos Worldline, Atos Sphere, Atos Cloud and Atos WorldGrid
are registered trademarks of Atos SA. August 2011
© 2011 Atos. Confidential information owned by Atos, to be used by the recipient only. This document, or any part of it,
may not be reproduced, copied, circulated and/or distributed nor quoted without prior written approval from Atos.


Survey on FPE


BPS:

Authors: Brier E, Peyrin T & Stern J.

Published in 2010.

BPS: "a Format Preserving Encryption Proposal".

Features:
8 rounds.
64-bit tweak split into 2 sub-tweaks
o TL and TR
F: AES or one-way function.
K: secret key
Reversible.
Patarin resistant.


FFX:

Authors: Bellare M, Rogaway P & Spies T.

Published in 2009 and 2010.

FFX: "Format Preserving Feistel-based Encryption"

Features:
12 rounds
64-bit tweak
FK: AES-128 or one-way function
K: secret key
Reversible


FCEM


Author: Ulf T Mattsson.

Published in 2009.

FCEM: "Format Controlling Encryption Mode".

Features:
8 steps
o Index Value Data
o Encryption of Left
o Encryption of Right
o Scrambled
o Rippled Left to Right
o Rippled Right to Left
o Encryption and Update
o The last transformation

F: AES-128
K: secret key
Reversible


Index Value data:

Rewrite the input as hexadecimal values.
Example:
o X : 1122334455667788
o Index Value data : 01010202030304040505060607070808

Encryption of Left:
Encryption of the left part
Example:
o Index Value data : 01010202030304040505060607070808
o Output of FK : 00C01F49D0C2C050188D8FDFADCDF846
o RightUpdate : 0507070905010008

Encryption of Right:
Same idea
We get LeftUpdate : 0101080503060303


Scrambled:
Concatenate LeftUpdate and RightUpdate.
Example:
o CipherScrambled : 01010805030603030507070905010008

RippledLeftToRight:
Scrambled is modified by:
o CipherScrambled : 01010805030603030507070905010008
o 01 01 = (0 × 16) + 1 + (0 × 16) + 1 = 02 02 (mod 10).
o RippledLeftToRight = 0102
o RippledLeftToRight = 01020005080407000503090803040402

RippledRightToLeft:
Same idea
RippledLeftToRight = 04030101060804070702000103000602


Encryption and Modular Sum :


RippledLeftToRight : 04030101060804070702000103000602
