Attacking the IETF/ISO Standard for Internal Re-keying CTR-ACPKM

Authors

Abstract

Encrypting too much data under the same key is a bad practice from a security perspective. Hence, it is customary to perform re-keying after a given amount of data has been transmitted. While in many cases this is done by a fresh execution of some key exchange protocol (e.g., IKE or TLS), there are scenarios where internal re-keying, i.e., re-keying without any exchange of information, is performed, mostly for performance reasons. Originally suggested by Abdalla and Bellare, there are several proposals on how to realize this mechanism. For example, Liliya et al. offered CryptoPro Key Meshing (CPKM) to be used together with GOST 28147-89 (known as the GOST block cipher). Later, ISO and the IETF adopted Advanced CryptoPro Key Meshing (ACPKM) in ISO 10116 and RFC 8645, respectively. In this paper, we study ACPKM and CPKM. We show that the re-keying suffers from an entropy loss over successive repetitions of the re-keying mechanism, and we present attacks based on this issue. The most prominent one has time complexity O(2^{κ/2}) and success rate O(2^{-κ/4}) for a κ-bit key. Furthermore, a malicious cipher designer or a faulty implementation can exploit the ACPKM (or original CPKM) mechanism to significantly hinder the security of a system employing ACPKM (or CPKM). Namely, the entropy of such re-keyed keys is greatly reduced.


Similar sources

A New Birthday-Type Algorithm for Attacking the Fresh Re-Keying Countermeasure

The fresh re-keying scheme is a countermeasure designed to protect low-cost devices against side-channel attacks. In this paper, we present a new birthday-type attack based on a refined reduction to Ring-LPN with a reducible polynomial. Compared with the previous research, our algorithm significantly reduces the time complexity in the 128-bit leakage model—with an SNR equal to 8 and at most 2 tr...

Increasing the Lifetime of Symmetric Keys for the GCM Mode by Internal Re-keying

In this paper we introduce a classification of existing approaches to increase the security of block cipher operation modes based on re-keying, putting the focus on so-called internal re-keying without master key — re-keying during each separate message processing with no additional keys required. For extending the GCM base mode we provide an internal re-keying technique called ACPKM. This tech...


Leakage-Resilient Symmetric Encryption via Re-keying

In the paper, we study whether it is possible to construct an efficient leakage-resilient symmetric scheme using the AES block cipher. We aim at bridging the gap between the theoretical leakage-resilient symmetric primitives used to build encryption schemes and the practical schemes that do not have any security proof against side-channel adversaries. Our goal is to construct an as efficient as...


On the properties of the CTR encryption mode of the Magma and Kuznyechik block ciphers with re-keying method based on CryptoPro Key Meshing

This paper presents a security bound in the standard security model for the Magma cipher CTR encryption mode and the «CryptoPro Key Meshing» (CPKM) re-keying method that was previously used with the GOST 28147-89 cipher. We enumerate the main requirements that should be followed during the development of re-keying methods, then we propose a modified method and justify its advantages over CPKM...

Kronos: A Scalable Group Re-Keying Approach for Secure Multicast

In this paper, we describe a novel approach to scalable group re-keying for secure multicast. Our approach, which we call Kronos, is based upon the idea of periodic group re-keying. We first motivate our approach by showing that if a group is re-keyed on each membership change, as the size of the group increases and/or the rate at which members leave and join the group increases, the frequency ...


Journal

Journal title: IACR Transactions on Symmetric Cryptology

Year: 2023

ISSN: 2519-173X

DOI: https://doi.org/10.46586/tosc.v2023.i1.41-66