[Cryptography] [dns-operations] IP address encryption: pseudonymization
Viktor Dukhovni
cryptography at dukhovni.org
Mon Feb 26 18:40:39 EST 2018
> On Feb 26, 2018, at 6:23 PM, Jimmy Hess <mysidia at gmail.com> wrote:
>
>> Another easy to describe approach, be it at a higher memory cost, is a
>> random permutation of 2^32 4 byte elements requires just 16GB of storage.
>
> 1* Arguably "bespoke 32-bit block cipher".... and "In-Place
> Scrambling" are questionable.
> I would have some doubts about the strength of the cipher.
Keyed ciphers try to be indistinguishable from a random permutation, an
actual random permutation is about as strong as it gets.
What is unavoidably problematic is that the same input needs to
produce the same output each time. But this, IIRC, is a requirement,
the mapping should keep distinct inputs distinct and identical inputs
identical. That is a permutation (random or secret-keyed) is required.
--
Viktor.
More information about the cryptography
mailing list