http://dx.doi.org/10.13089/JKIISC.2010.20.4.3

Provable Security of Key Derivation Functions Based on the Block Ciphers  

Kang, Ju-Sung (Department of Mathematics, Kookmin University)
Yi, Ok-Yeon (Department of Mathematics, Kookmin University)
Youm, Ji-Sun (Department of Mathematics, Kookmin University)
Abstract
Key derivation functions are used within many cryptographic systems to generate various keys from a fixed short key string. In this paper we survey the state of the art in key derivation functions and examine the soundness of these functions from the viewpoint of provable security. In particular we focus on the key derivation functions based on pseudorandom functions recently recommended by NIST (SP 800-108), and show that the variant of the Double-Pipeline Iteration mode that uses pseudorandom permutations is itself a pseudorandom function. Block ciphers can be regarded as practical instantiations of pseudorandom permutations.
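As an added illustration (not code from the paper, from NIST, or from the authors), the following Python implements the SP 800-108 Double-Pipeline Iteration mode over an abstract PRF, instantiated here with HMAC-SHA256 from the standard library so that it runs offline. The paper's result concerns the variant in which the PRF is replaced by a pseudorandom permutation such as a block cipher; that variant is not implemented here, because a fixed-block-length PRP needs a different input formatting than the PRF below and AES is not in the Python standard library. The key, label and context values are constructed for illustration, and the 32-bit counter and 32-bit length encodings are assumptions (SP 800-108 only bounds the counter width at 32 bits).

```python
# Added example: SP 800-108 Double-Pipeline Iteration mode KDF over an
# abstract PRF. Not taken from the paper; the HMAC-SHA256 PRF instance,
# the 32-bit counter/length encodings and all inputs are assumptions.
import hashlib
import hmac
from typing import Callable

# A PRF takes (key, data) and returns a fixed-length output.
PRF = Callable[[bytes, bytes], bytes]


def hmac_sha256_prf(key: bytes, data: bytes) -> bytes:
    """PRF instance used here: HMAC-SHA256 (32-byte output)."""
    return hmac.new(key, data, hashlib.sha256).digest()


def fixed_input(label: bytes, context: bytes, length_bits: int) -> bytes:
    """Label || 0x00 || Context || [L]_2, with [L]_2 encoded as 32 bits (assumption)."""
    return label + b"\x00" + context + length_bits.to_bytes(4, "big")


def kdf_double_pipeline(k_in: bytes, label: bytes, context: bytes,
                        length_bytes: int, prf: PRF = hmac_sha256_prf,
                        counter_bytes: int = 4) -> bytes:
    """Double-Pipeline Iteration mode with the optional counter (SP 800-108):

        A(0) = Label || 0x00 || Context || [L]_2
        A(i) = PRF(K_IN, A(i-1))                       # first pipeline
        K(i) = PRF(K_IN, A(i) || [i]_2 || A(0))         # second pipeline
        K_OUT = leftmost L bits of K(1) || ... || K(n)

    The first pipeline chains the PRF on itself; the second feeds each A(i),
    the counter and the fixed input back into the PRF to produce output
    blocks. Binding L into A(0) means outputs for different requested
    lengths are unrelated rather than prefixes of one another.
    """
    if length_bytes <= 0:
        raise ValueError("requested length must be positive")
    a0 = fixed_input(label, context, length_bytes * 8)
    h = len(prf(k_in, b""))            # PRF output size in bytes
    n = -(-length_bytes // h)          # ceil(L / h) output blocks needed
    if n >= 2 ** (counter_bytes * 8):
        raise ValueError("requested length exceeds the counter range")
    a = a0
    out = bytearray()
    for i in range(1, n + 1):
        a = prf(k_in, a)                                           # A(i)
        out += prf(k_in, a + i.to_bytes(counter_bytes, "big") + a0)  # K(i)
    return bytes(out[:length_bytes])


if __name__ == "__main__":
    # Constructed inputs for demonstration only.
    k_in = bytes(range(32))
    derived = kdf_double_pipeline(k_in, b"example-label", b"example-context", 40)
    print(derived.hex())
```

To try the paper's setting, a caller would pass a block-cipher-based PRF as `prf`; the point of the paper is that such a PRP-based variant of this mode can be proven to be a PRF, so the output keys inherit PRF security from the block cipher.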
Keywords
Key derivation function; Provable security; Pseudorandom function; Pseudorandom permutation; Modes of operation
References
[1] H. Krawczyk, M. Bellare, and R. Canetti, "HMAC: Keyed-Hashing for Message Authentication," RFC 2104, Feb. 1997.
[2] Federal Information Processing Standards Publication 197, "Specification for the Advanced Encryption Standard (AES)," Nov. 2001.
[3] C. Adams, G. Kramer, S. Mister, and R. Zuccherato, "On the security of key derivation functions," LNCS 3225, Springer-Verlag, pp. 134-145, 2004.
[4] IEEE 802.15.1, "IEEE Standard for Information technology - Telecommunications and information exchange between systems - Local and metropolitan area networks - Specific requirements, Part 15.1: Wireless medium access control (MAC) and physical layer (PHY) specifications for wireless personal area networks (WPANs)," Jun. 2002.
[5] NIST Special Publication 800-56A, "Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography," National Institute of Standards and Technology, Mar. 2007.
[6] NIST Special Publication 800-108, "Recommendation for Key Derivation Using Pseudorandom Functions (Revised)," National Institute of Standards and Technology, Oct. 2009.
[7] 3GPP TR 35.909 v8.0.0, "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Specification of the MILENAGE Algorithm Set: An example algorithm set for the 3GPP authentication and key generation functions f1, f1*, f2, f3, f4, f5 and f5*; Document 5: Summary and results of design and evaluation," Dec. 2008.
[8] ISO/IEC 18033-2:2006, "Information technology - Security techniques - Encryption algorithms - Part 2: Asymmetric ciphers," ed. Victor Shoup, 2006 (final committee draft FCD 18033-2, Dec. 2004).
[9] RSA Laboratories, "PKCS #1 v2.1: RSA Cryptography Standard," Jun. 2002.
[10] ANSI X9.42-2003, "Agreement of Symmetric Keys Using Discrete Logarithm Cryptography," American National Standards Institute, 19 Nov. 2003.
[11] IEEE 802.11i, "IEEE Standard for Information technology - Telecommunications and information exchange between systems - Local and metropolitan area networks - Specific requirements, Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications, Amendment 6: Medium Access Control (MAC) Security Enhancements," Jul. 2004.
[12] RSA Laboratories, "PKCS #5 v2.1: Password-Based Cryptography Standard," 5 Oct. 2006.
[13] B. Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd ed., John Wiley & Sons, Nov. 1995.
[14] H. Gilbert, "The security of 'One-Block-to-Many' modes of operation," FSE 2003, LNCS 2887, pp. 376-395, 2003.
[15] IEEE P1363, "Standard Specifications for Public Key Cryptography," IEEE, Nov. 1993.
[16] J. Patarin, "New results on pseudorandom permutation generators based on the DES scheme," Advances in Cryptology - CRYPTO '91, LNCS 576, pp. 301-316, 1992.
[17] S. Vaudenay, "On Provable Security for Conventional Cryptography," Proc. ICISC '99 (invited lecture), LNCS 1787, pp. 1-16, 2000.
[18] J. Massey, G. Khachatrian, and M. Kuregian, "Nomination of SAFER+ as Candidate Algorithm for the Advanced Encryption Standard (AES)," NIST AES proposal, 1998.