Abstract
This paper presents a comprehensive formal security framework for key derivation functions (KDF). The major security goal for a KDF is to produce cryptographic keys from a private seed value where the derived cryptographic keys are indistinguishable from random binary strings. We form a framework of five security models for KDFs. This consists of four security models that we propose: Known Public Inputs Attack (KPM, KPS), Adaptive Chosen Context Information Attack (CCM) and Adaptive Chosen Public Inputs Attack(CPM); and another security model, previously defined by Krawczyk [6], which we refer to as Adaptive Chosen Context Information Attack(CCS). These security models are simulated using an indistinguisibility game. In addition we prove the relationships between these five security models and analyse KDFs using the framework (in the random oracle model).
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
References
Adams, C., Kramer, G., Mister, S., Zuccherato, R.: On The Security of Key Derivation Functions. In: Zhang, K., Zheng, Y. (eds.) ISC 2004. LNCS, vol. 3225, pp. 134–145. Springer, Heidelberg (2004)
Barak, B., Shaltiel, R., Tromer, E.: True Random Number Generators Secure in a Changing Environment. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 166–180. Springer, Heidelberg (2003)
Dang, Q.: Recommendation for Existing Application-Specific Key Derivation Functions. NIST Special Publication 800, 135 (2010)
Kaliski, B.: PKCS# 5: Password-based cryptography specification version 2.0. Technical report, RFC 2898 (September 2000)
Krawczyk, H.: On Extract-then-Expand Key Derivation Functions and an HMAC-based KDF (2008), http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.131.8254&rep=rep1&type=pdf
Krawczyk, H.: Cryptographic Extraction and Key Derivation: The HKDF Scheme. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 631–648. Springer, Heidelberg (2010)
Krawczyk, H., Eronen, P.: HMAC-based Extract-and-Expand Key Derivation Function (HKDF). Technical report, RFC 5869 (May 2010)
McGrew, D., Weis, B.: Key Derivation Functions and Their Uses (2010), http://www.ietf.org/id/draft-irtf-cfrg-kdf-uses-00.txt
Shoup, V.: ISO 18033-2: An emerging standard for public-key encryption. Final Committee Draft (December 2004)
Yao, F.F., Yin, Y.L.: Design and Analysis of Password-Based Key Derivation Functions. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 245–261. Springer, Heidelberg (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wen, C.C., Dawson, E., González Nieto, J.M., Simpson, L. (2012). A Framework for Security Analysis of Key Derivation Functions. In: Ryan, M.D., Smyth, B., Wang, G. (eds) Information Security Practice and Experience. ISPEC 2012. Lecture Notes in Computer Science, vol 7232. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29101-2_14
Download citation
DOI: https://doi.org/10.1007/978-3-642-29101-2_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29100-5
Online ISBN: 978-3-642-29101-2
eBook Packages: Computer ScienceComputer Science (R0)