Cryptographic Algorithm Requirements
- We incorporate the algorithms used by the Enterprise. It should
not be necessary to develop any new algorithms for Blind
Encrypted Data Matching, with one possible exception (point 3 below).
- The software operation requires cryptographic algorithms in
three categories:
- symmetric encryption algorithm:
A symmetric encryption algorithm uses the same key to encrypt and
decrypt content. Such algorithms are generally the fastest and
they are secure if the key is well chosen, if it changes
frequently and if a key is never reused.
- asymmetric encryption algorithm:
An asymmetric encryption algorithm uses the private key from a
public-private key pair to encrypt data while the corresponding
public key of the pair is needed to decrypt data. Such algorithms
are generally called public key algorithms and they are generally
slow. However, they allow positive identification of sources,
prevent the decryption of any document by an unintended party, and
detect any attempt to alter the encrypted text in transit.
- concealment algorithm for numeric values:
These algorithms use a key - typically the same key that the
symmetric encryption algorithm would use - to modify the numeric
value of a particular symbol so that the original value is
difficult to discover. However, the order relationships among
members of a set of such values are preserved. This feature allows
the encrypted matching algorithms to match on numeric range or
numeric inequality. Such algorithms have been described in the
literature as "order preserving encryption" (OPE) algorithms.
According to some authorities the term OPE is an oxymoron because
the concealment of the value is too weak to qualify as encryption.
Nevertheless, the algorithm has its uses. These algorithms are not
standardized, so an algorithm generally has to be provided if the
enterprise operation needs one.
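
An added sketch (not part of the original document, and not the Enterprise's algorithm) of such a concealment function: a toy keyed monotone mapping built from HMAC-SHA256, with the domain, range, key and records all constructed for illustration. It shows range matching on concealed values alone, and the ordering and equality that the concealed column still reveals without the key.

```python
import hashlib
import hmac

DOMAIN = (0, 2**32 - 1)  # plaintext values accepted (assumed for this sketch)
RANGE = (0, 2**48 - 1)   # concealed values; must be at least as wide as DOMAIN

def _prf(key, node, span):
    """Keyed pseudo-random integer in [0, span), fixed per (key, node)."""
    msg = ",".join(map(str, node)).encode()
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % span

def conceal(key, x):
    """Map x to a concealed integer; x < y always gives conceal(x) < conceal(y)."""
    (dlo, dhi), (rlo, rhi) = DOMAIN, RANGE
    if not dlo <= x <= dhi:
        raise ValueError("value outside DOMAIN")
    while True:
        dm = (dlo + dhi) // 2
        # Leave at least one free range slot for every domain value on each side.
        lo, hi = rlo + (dm - dlo), rhi - (dhi - dm)
        rm = lo + _prf(key, (dlo, dhi, rlo, rhi), hi - lo + 1)
        if x == dm:
            return rm
        if x < dm:
            dhi, rhi = dm - 1, rm - 1
        else:
            dlo, rlo = dm + 1, rm + 1

def match_range(stored, c_low, c_high):
    """Matcher side: needs no key, compares concealed values only."""
    return [i for i, c in enumerate(stored) if c_low <= c <= c_high]

def leaked_ranking(stored):
    """What any holder of the concealed column learns without the key."""
    return sorted(range(len(stored)), key=lambda i: stored[i])

KEY = b"constructed-demo-key"                 # constructed sample key
VALUES = [52000, 48000, 75000, 61000, 48000]  # constructed sample records
STORED = [conceal(KEY, v) for v in VALUES]

if __name__ == "__main__":
    hits = match_range(STORED, conceal(KEY, 50000), conceal(KEY, 70000))
    print("records in [50000, 70000]:", hits)
    print("ranking visible without key:", leaked_ranking(STORED))
```

The mapping is deterministic, so equal values conceal to equal outputs; the matcher therefore learns equality as well as rank, which is the weakness the paragraph above refers to.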