论文信息 - Provable Security of PRF-based Key Derivation Functions according to Input Types of Counters*

Provable Security of PRF-based Key Derivation Functions according to Input Types of Counters*

ABSTRACT The security of all cryptographic algorithms and protocols is b ased on the confidentiality of secret keys. Key management mechanism is an indispensable part of the cryptographic system and this deals with the generation, exchange, storage, use, and replacement of keys. Within the key management mechanism there are key derivation functions (KDFs) which derive one or more keys from a master key. NIST specifies three families of P RF-based KDFs in SP 800-108. In this paper, we examine the difference of security models between the KDFs and the encrypti on modes of operations. Moreover we focus on the provable security of PRF-based KDFs according to input types of counters , and show that the counter and feedback modes of KDFs using XOR of counters are insecure, while these modes using concatenation of counters are secure.Keywords: Key Derivation Functions, KDF, Provable Security, PRF, Encrypti on modes of operation. I.서 론 * 암호 알고리즘과 암호 프로토콜은 사용되는 키들의 접수일(2015년 3월 4일), 게재확정일(2015년 4월 27일)*본 연구는 2014년도 정부(미래창조과학부)의 재원으로 한국연구재단-차세대정보・컴퓨팅기술개발사업의 지원을

[1] Henri Gilbert. The Security of "One-Block-to-Many" Modes of Operation , 2003, FSE.

[2] Lidong Chen,et al. Recommendation for Key Derivation Using Pseudorandom Functions (Revised) , 2009 .

[3] Morris J. Dworkin,et al. SP 800-38A 2001 edition. Recommendation for Block Cipher Modes of Operation: Methods and Techniques , 2001 .

[4] Ju-Sung Kang,et al. A Security Analysis of Key Expansion Functions Using Pseudorandom Permutations , 2014, WISTP.

[5] Morris J. Dworkin,et al. Recommendation for Block Cipher Modes of Operation: Methods for Key Wrapping , 2012 .

[6] Jacques Patarin,et al. How to Construct Pseudorandom and Super Pseudorandom Permutations from one Single Pseudorandom Function , 1992, EUROCRYPT.