Cisco open sources cloud-centric block ciphers

Cisco is open sourcing block cipher technology that the company hopes will better protect and control traffic privacy in cloud computing systems.

What is block cipher technology?


A block cipher is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to a block of data (for example, 64 contiguous bits) at once as a group rather than to one bit at a time.

Flexible Naor & Reingold

Cisco is creating the Flexible Naor and Reingold (FNR) encryption scheme, which will be available under the open source LGPLv2 licence.

Cisco software engineer Sashank Dara has said that FNR is an experimental small domain block cipher for encrypting objects (< 128 bits) like IPv4 addresses, MAC addresses, arbitrary strings, etc. while preserving their input lengths.

“The demo application written is for encryption of IPv4 addresses (the cipher preserves their formats as well if needed). When FNR is used in ECB mode, it realizes a deterministic encryption scheme. Like all deterministic encryption methods, this does not provide semantic security, but determinism is needed in situations where anonymizing telemetry and log data (especially in cloud based network monitoring scenarios) is necessary,” he said, in a Cisco blog post.

Importantly, this is still an experimental block cipher and is not yet ready for production.
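The deterministic, length-preserving behaviour described in the quote above can be seen in a small sketch. This is an added example, not Cisco's FNR code: it uses a generic balanced Feistel network over 32-bit IPv4 addresses with an HMAC-SHA256 round function, and the key, round count and sample log are constructed assumptions. It shows why equal addresses stay correlatable after anonymization and why their frequencies still leak.

```python
import hashlib
import hmac
import ipaddress
from collections import Counter

ROUNDS = 8                      # assumption: chosen for this sketch, not FNR's value
KEY = b"constructed-demo-key"   # constructed key, for illustration only
# Constructed sample telemetry using documentation-range addresses.
SAMPLE = [
    ("192.0.2.10", "login_fail"),
    ("192.0.2.10", "login_fail"),
    ("198.51.100.7", "login_ok"),
    ("192.0.2.10", "login_ok"),
]


def _round(key: bytes, rnd: int, half: int) -> int:
    """Keyed round function: HMAC-SHA256 of (round, half), truncated to 16 bits."""
    msg = bytes([rnd]) + half.to_bytes(2, "big")
    return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest()[:2], "big")


def encrypt_ip(key: bytes, ip: str) -> str:
    """Permute the 32-bit address space; the output is again an IPv4 address."""
    v = int(ipaddress.IPv4Address(ip))
    left, right = v >> 16, v & 0xFFFF
    for rnd in range(ROUNDS):
        left, right = right, left ^ _round(key, rnd, right)
    return str(ipaddress.IPv4Address((left << 16) | right))


def decrypt_ip(key: bytes, ip: str) -> str:
    """Undo encrypt_ip by running the Feistel rounds in reverse order."""
    v = int(ipaddress.IPv4Address(ip))
    left, right = v >> 16, v & 0xFFFF
    for rnd in reversed(range(ROUNDS)):
        left, right = right ^ _round(key, rnd, left), left
    return str(ipaddress.IPv4Address((left << 16) | right))


def anonymize(key: bytes, records):
    """Replace each source address with its deterministic pseudonym."""
    return [(encrypt_ip(key, src), event) for src, event in records]


def frequency_profile(records):
    """Sorted per-address counts: identical before and after anonymization."""
    return sorted(Counter(src for src, _ in records).values())
```

Because the mapping is a keyed permutation, an analyst can still group events by pseudonym, but anyone who sees the anonymized log learns which addresses repeat and how often, which is the missing semantic security the quote refers to.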