Decimal encryption

Jonathan Katz jkatz at
Thu Aug 28 11:26:26 EDT 2008

On Wed, 27 Aug 2008, Hovav Shacham wrote:

> ----- "Jonathan Katz" <jkatz at> wrote:
>> But he probably wants an encryption scheme, not a cipher.
> Jon, I'm not sure I understand what you mean.
> If I am reading his message correctly, the original poster seems
> to be asking for a format-preserving encryption over a domain
> with 10^40 elements.  Format-preserving, it seems to me, implies
> [a family of keyed] functions that are one-to-one and
> deterministic.  In other words, the best security we can hope for
> is a PRP on that domain, and this is what B-R gives, starting
> from a PRP over a "somewhat larger" domain.
> In this setting, what is the difference between an encryption
> scheme and a cipher?

Yes, I can see this might cause confusion.

Just to clarify: I had emailed the original poster off-line and he
told me that he was willing to use other information already being
sent in the clear as a non-repeating IV. Given this, secure (and, in
particular, non-deterministic) encryption is possible.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list