Is it possible to implement AES with a 64-bit I/O block size?

Question

I'm working on an application with a very specific encryption requirement:
We are required to encrypt/decrypt individual 64-bit values, to protect certain parts of our internal architecture from reverse engineering through our public web endpoints.

The problem is, the existing 64-bit encryption methods (such as 3DES) are not secure enough to meet our requirements (as far as I know).
They also perform slower than AES, which is another painpoint.

My question is, can we feasibly implement AES with a 64-bit block for input and output?
Would we have to create a modified AES algorithm? (Not a total deal-breaker if we do.)

Answer 1

AES is defined only for 128-bit block sizes. If there would be a way to reduce the block size, it wouldn't be AES anymore. The block cipher is not the only thing that determines what you can encrypt. The mode of operation determines how the block cipher is actually applied.

If you have a limited size plaintexts, you can use AES in a streaming mode such as CTR mode (which encrypts a counter and XORs the resulting block with the plaintext). Ciphertexts in this mode have the exact length as the plaintext. The only problem is that for it to be secure, the nonce (IV) must be unique for every ciphertext under the same key. If your system can keep track of the nonces (they can be simple 96-bit global counters or even 128-bit global counters if the plaintexts are never longer than 128-bit), then you should be able to fulfill your requirement.

CTR encryption:

Answer 2

No. AES is specified with four basic operations on a 4x4 matrix: SubBytes, ShiftRows, MixColumns and AddKey.

An "8 byte AES" would be a fundamentally different cipher. Especially the ShiftRows and MixColumns operations are based on the concept of a square matrix. Hence the block size of any "AES-like" block cipher would need to be a square of N (4, 9, 16, ...).