Skip to main content
SpringerLink
Log in

On the Security Analysis of Weak Cryptographic Primitive Based Key Derivation Function

  • Conference paper
  • First Online:
Information Science and Applications 2017 (ICISA 2017)

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 424))

Included in the following conference series:

  • 2756 Accesses

Abstract

A key derivation function is a function that generate one or more cryptographic keys from a private string together with some public information. The generated cryptographic key(s) must be indistinguishable from random binary strings of the same length. To date, there are designed of key derivation function proposals using cryptographic primitives such as hash functions, block ciphers and stream ciphers. The security of key derivation functions are based on the assumption that the underlying cryptographic primitives are secure from attacks. Unfortunately, the current works do not investigate the consequences for key derivation functions if the cryptographic primitives that are used to build the key derivation functions are broken. In this paper, we are confirmed by results of having the cryptographic primitives that are used to build the key derivation functions are broken, it allows the adversaries to distinguish the cryptographic key from the random binary string of the same length.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 259.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 329.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 329.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: Proceedings of the 1st ACM Conference on Computer and Communications Security, pp. 62–73. ACM (1993)

    Google Scholar 

  2. Cao, Z.: How to Launch A Birthday Attack Against DES. IACR Cryptology ePrint Archive 2008, vol. 288 (2008)

    Google Scholar 

  3. Chen, L.: NIST SP 800-56C: recommendation for key derivation through extraction-then-expansion. Technical report, NIST (2011)

    Google Scholar 

  4. Wen, C.C., Dawson, E., González Nieto, J.M., Simpson, L.: A framework for security analysis of key derivation functions. In: Ryan, M.D., Smyth, B., Wang, G. (eds.) ISPEC 2012. LNCS, vol. 7232, pp. 199–216. Springer, Heidelberg (2012). doi:10.1007/978-3-642-29101-2_14

    Chapter  Google Scholar 

  5. Chuah, C.W., Dawson, E., Simpson, L.: Key derivation function: The SCKDF scheme. In: Janczewski, L.J., Wolfe, H.B., Shenoi, S. (eds.) SEC 2013. IAICT, vol. 405, pp. 125–138. Springer, Heidelberg (2013). doi:10.1007/978-3-642-39218-4_10

    Chapter  Google Scholar 

  6. Dodis, Y., Gennaro, R., Håstad, J., Krawczyk, H., Rabin, T.: Randomness extraction and key derivation using the CBC, cascade and HMAC modes. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 494–510. Springer, Heidelberg (2004). doi:10.1007/978-3-540-28628-8_30

    Chapter  Google Scholar 

  7. Harkins, D., Carrel, D.: RFC 2409: The Internet Key Exchange (IKE). Technical report, Internet Engineering Task Force (1998)

    Google Scholar 

  8. Heer, T., Jokela, P., Henderson, T.: Host identity protocol version 2 (HIPv2). Technical report, Internet Engineering Task Force (2015)

    Google Scholar 

  9. Hoch, J.J., Shamir, A.: Fault analysis of stream ciphers. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 240–253. Springer, Heidelberg (2004). doi:10.1007/978-3-540-28632-5_18

    Chapter  Google Scholar 

  10. Krawczyk, H.: Cryptographic extraction and key derivation: The HKDF scheme. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 631–648. Springer, Heidelberg (2010). doi:10.1007/978-3-642-14623-7_34

    Chapter  Google Scholar 

  11. Krawczyk, H., Eronen, P.: HMAC-based Extract-and-Expand Key Derivation Function (HKDF). Technical report, RFC 5869 (2010)

    Google Scholar 

  12. Ma, Z.Q., Gu, D.W.: Improved differential fault analysis of SOSEMANUK. In: 2012 Eighth International Conference on Computational Intelligence and Security (CIS), pp. 487–491. IEEE (2012)

    Google Scholar 

  13. Menezes, A.J., Van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)

    MATH  Google Scholar 

  14. Wang, X., Yu, H., Yin, Y.L.: Efficient collision search attacks on SHA-0. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 1–16. Springer, Heidelberg (2005). doi:10.1007/11535218_1

    Chapter  Google Scholar 

  15. Wang, X., Yin, Y.L., Yu, H.: Finding collisions in the full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17–36. Springer, Heidelberg (2005). doi:10.1007/11535218_2

    Chapter  Google Scholar 

  16. Xie, T., Liu, F.B., Feng, D.G.: Fast Collision Attack on MD5. IACR Cryptology ePrint Archive 2013:D170 (2013)

    Google Scholar 

  17. Zhu, L., Wasserman, M., Mills, W.: PKINIT Algorithm Agility. Technical report, Internet Engineering Task Force (2015)

    Google Scholar 

Download references

Acknowledgments

This research was supported by Fundamental Research Grant Scheme (FRGS) 1558, ORICC UTHM.

Author information

Authors and Affiliations

  1. University Tun Hussein Onn Malaysia, Parit Raja, Malaysia

    Chai Wen Chuah & Mustafa Mat Deris

  2. Queensland University of Technology, Brisbane, Australia

    Edward Dawson

Authors
  1. Chai Wen Chuah
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mustafa Mat Deris
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Edward Dawson
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Chai Wen Chuah .

Editor information

Editors and Affiliations

  1. Kyonggi University, Seongnam-si, Gyeonggi, Korea (Republic of)

    Kuinam Kim

  2. modelizeIT Inc., CEO and NYU , Stony Brook, New York, USA

    Nikolai Joukov

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Chuah, C.W., Mat Deris, M., Dawson, E. (2017). On the Security Analysis of Weak Cryptographic Primitive Based Key Derivation Function. In: Kim, K., Joukov, N. (eds) Information Science and Applications 2017. ICISA 2017. Lecture Notes in Electrical Engineering, vol 424. Springer, Singapore. https://doi.org/10.1007/978-981-10-4154-9_27

Download citation

  • DOI: https://doi.org/10.1007/978-981-10-4154-9_27

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-4153-2

  • Online ISBN: 978-981-10-4154-9

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation