Format-transforming encryption
{{Orphan|date=July 2017}}
In cryptography, format-transforming encryption (FTE) refers to encryption where the format of the input plaintext and output ciphertext are configurable. Descriptions of formats can vary, but are typically compact set descriptors, such as a regular expression.{{cite book |date=November 2013 |pages=61–72 |doi=10.1145/2508859.2516657 |chapter-url=https://eprint.iacr.org/2012/494.pdf |language=EN |author1=Kevin P. Dyer |author2=Scott E. Coull |author3=Thomas Ristenpart |author4=Thomas Shrimpton |title=Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security - CCS '13 |chapter=Protocol misidentification made easy with format-transforming encryption |isbn=9781450324779 |s2cid=526039 }}
Format-transforming encryption is closely related to, and a generalization of, format-preserving encryption.
Applications of FTE
= Restricted fields or formats =
Similar to format-preserving encryption, FTE can be used to control the format of ciphertexts. The canonical example is a credit card number, such as 1234567812345670 (16 bytes long, digits only).
However, FTE does not enforce that the input format must be the same as the output format.
= Censorship circumvention =
FTE is used by the Tor Project to circumvent deep packet inspection by pretending to be some other protocols.{{cite web|title=Tor Project: Pluggable Transports |url=https://www.torproject.org/docs/pluggable-transports.html.en |work=torproject.org |accessdate=2016-08-05}} The implementation is {{tt|fteproxy}}; it was written by the authors who came up with the FTE concept.{{cite web |last1=Dyer |first1=Kevin P. |title=kpdyer/fteproxy |website=GitHub |url=https://github.com/kpdyer/fteproxy |date=27 February 2020}}