A Framework for Security Analysis of Key Derivation Functions
نویسندگان
چکیده
This paper presents a comprehensive formal security framework for key derivation functions (KDF). The major security goal for a KDF is to produce cryptographic keys from a private seed value where the derived cryptographic keys are indistinguishable from random binary strings. We form a framework of five security models for KDFs. This consists of four security models that we propose: Known Public Inputs Attack (KPM, KPS), Adaptive Chosen Context Information Attack (CCM) and Adaptive Chosen Public Inputs Attack(CPM); and another security model, previously defined by Krawczyk [6], which we refer to as Adaptive Chosen Context Information Attack(CCS). These security models are simulated using an indistinguisibility game. In addition we prove the relationships between these five security models and analyse KDFs using the framework (in the random oracle model).
منابع مشابه
A Comprehensive Security Analysis of the TUAK Algorithm Set
The authentication and key generation functions play a significant role to guarantee security and privacy in cellular mobile communications. MILENAGE is a set of authentication and key generation functions proposed by the 3 Generation Partnership Project (3GPP). Most recently, the 3GPP Task Force proposed a new set of authentication and key generation functions, called TUAK, as an alternative f...
متن کاملRKA Security beyond the Linear Barrier: IBE, Encryption and Signatures
We provide a framework enabling the construction of IBE schemes that are secure under related-key attacks (RKAs). Specific instantiations of the framework yield RKA-secure IBE schemes for sets of related key derivation functions that are non-linear, thus overcoming a current barrier in RKA security. In particular, we obtain IBE schemes that are RKA secure for sets consisting of all affine funct...
متن کاملConnecting tweakable and multi-key blockcipher security
The significance of understanding blockcipher security in the multi-key setting is highlighted by the extensive literature on attacks, and how effective key size can be significantly reduced. Nevertheless, little attention has been paid in formally understanding the design of multi-key secure blockciphers. In this work, we formalize the multi-key security of tweakable blockciphers in case of ge...
متن کاملCatena: A Memory-Consuming Password-Scrambling Framework
It is a common wisdom that servers should store the one-way hash of their clients’ passwords, rather than storing the password in the clear. In this paper we introduce a set of functional properties a key-derivation function (password scrambler) should have. Unfortunately, none of the existing algorithms satisfies our requirements and therefore, we introduce a novel and provably secure password...
متن کاملAnalysis of Different Privacy Preserving Cloud Storage Frameworks
Privacy Security of data in Cloud Storage is one of the main issues. Many Frameworks and Technologies are used to preserve data security in cloud storage. [1] Proposes a framework which includes the design of data organization structure, the generation and management of keys, the treatment of change of user’s access right and dynamic operations of data, and the interaction between participants....
متن کامل