Several Proofs of Security for a Tokenization Algorithm

Riccardo Longo; Massimiliano Sala; and Riccardo Aragona

arXiv:1609.00151·cs.CR·April 26, 2019

Several Proofs of Security for a Tokenization Algorithm

Riccardo Longo, Massimiliano Sala, and Riccardo Aragona

PDF

TL;DR

This paper introduces a reversible hybrid tokenization algorithm based on block ciphers, provides formal security proofs aligning with PCI DSS standards, and evaluates its practical efficiency and security.

Contribution

It presents a new tokenization algorithm with formal security proofs and practical instantiation, advancing secure payment data handling.

Findings

01

The algorithm satisfies PCI DSS security requirements.

02

The concrete instantiation is efficient and secure.

03

Formal proofs validate the security of the proposed method.

Abstract

In this paper we propose a tokenization algorithm of Reversible Hybrid type, as defined in PCI DSS guidelines for designing a tokenization solution, based on a block cipher with a secret key and (possibly public) additional input. We provide some formal proofs of security for it, which imply our algorithm satisfies the most significant security requirements described in PCI DSS tokenization guidelines. Finally, we give an instantiation with concrete cryptographic primitives and fixed length of the PAN, and we analyze its efficiency and security.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.