×

A framework for security analysis of key derivation functions. (English) Zbl 1291.94166

Ryan, Mark D. (ed.) et al., Information security practice and experience. 8th international conference, ISPEC 2012, Hangzhou, China, April 9–12, 2012. Proceedings. Berlin: Springer (ISBN 978-3-642-29100-5/pbk). Lecture Notes in Computer Science 7232, 199-216 (2012).
Summary: This paper presents a comprehensive formal security framework for key derivation functions (KDF). The major security goal for a KDF is to produce cryptographic keys from a private seed value where the derived cryptographic keys are indistinguishable from random binary strings. We form a framework of five security models for KDFs. This consists of four security models that we propose: Known Public Inputs Attack (KPM, KPS), Adaptive Chosen Context Information Attack (CCM) and Adaptive Chosen Public Inputs Attack (CPM); and another security model, previously defined by H. Krawczyk [Advances in cryptology – CRYPTO 2010. 30th annual cryptology conference. Lect. Notes Comput. Sci. 6223, 631–648 (2010; Zbl 1283.94072)], which we refer to as Adaptive Chosen Context Information Attack (CCS). These security models are simulated using an indistinguisibility game. In addition we prove the relationships between these five security models and analyse KDFs using the framework (in the random oracle model).
For the entire collection see [Zbl 1239.68010].

MSC:

94A60 Cryptography

Citations:

Zbl 1283.94072
PDFBibTeX XMLCite
Full Text: DOI