Skip to content

filipzz/riffpe

BranchesTags

Repository files navigation

Riffpe - a Riffle-Shuffle-based Format Preserving Encryption

Wheels

This repository contains the following:

  • an optimized C++17 implementation of Riffpe in form of a simple library (libriffpe)
  • a pure Python implementation of riffpe (pyriffpe/riffpe/_fallback)
  • Python bindings to libriffpe (pyriffpe/riffpe/_native)
  • Python-based CLI for Riffpe (using either libriffpe bindings or fallback implementation)

Requirements

  • For the C++ code, all you need is CMake (at least 3.18), C++ compiler supporting at least C++17, and a supported build system (e.g. Ninja, GNU Make, MSBuild)
  • For Python bindings, C++ compiler ought to be enough, as CMake and Ninja are being pulled in by setuptools during package build and thus do not need to be present in the system. At least Python 3.7 is required.
  • For pure Python implementation, PyCryptodome package is required (will be pulled automatically with pip install).

Installation

[TBD]

To install full developement version from source issue:

pip install -e .[tests,benchmark]

This should pull all required build dependencies.

Usage

As a standalone module:

Message encryption:

$ python -m riffpe.encrypt -k 00112233445566778899aabbccddeeff -n 100 -l 8 1234123456785678
5158543106053628

Message decryption:

$ python -m riffpe.decrypt -k 00112233445566778899aabbccddeeff -n 100 -l 8 5158543106053628
1234123456785678

The input messages are treated as integers and sliced in a little-endian order; big-endian order may be requested by providing -B switch:

$ python -m riffpe.encrypt -k 00112233445566778899aabbccddeeff -n 100 -l 8 1234123456785678
5158543106053628

$ python -m riffpe.encrypt -k 00112233445566778899aabbccddeeff -n 100 -l 8 7856785634123412 -B
2836050631545851

Note: 5158543106053628 is 2836050631545851 in reverse (in chunks of 2 digits, since $n=100$), just as 7856785634123412 is 1234123456785678.

$ python -m riffpe.encrypt -k 00112233445566778899aabbccddeeff -n 100 -l 8 7766554433221100 -t 416C696365
4744161879108363

Currently tag (-t) must be passed as a hex string. In future, possibly another option will allow ASCII or UTF-8 encoding. In the example above, tag 416C696365 corresponds to an ASCII string "Alice".

As a Python module:

from riffpe import Riffpe

fpe = Riffpe(
    radix=100, 
    digits=8, 
    key=bytes.fromhex("00112233445566778899aabbccddeeff"),
    tweak=b'',
)

ptx = [78, 56, 78, 56, 34, 12, 34, 12]

ctx = fpe.encrypt(ptx)
print("ctx:", ctx)

ptx = fpe.decrypt(ctx)
print("ptx:", ptx)

Output:

ctx: [28, 36, 5, 6, 31, 54, 58, 51]
ptx: [78, 56, 78, 56, 34, 12, 34, 12]

Testing

pytest pyriffpe/tests

Performance

Benchmarks and comparison to other FPEs are available here.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages