A robust security framework with bit-flipping attack and timing attack for key derivation functions
A Key Derivation Function (KDF) derives cryptographic keys from private string and public information. The security property for the cryptographic keys is indistinguishable from the random strings of equal length. The security analysis of KDFs has received increasing attention. The practice importan...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Institution of Engineering and Technology (IET) / Wiley Open Access
2020
|
| Subjects: | |
| Online Access: | http://eprints.uthm.edu.my/6534/ http://eprints.uthm.edu.my/6534/1/AJ%202020%20%28331%29.pdf |
| _version_ | 1848888836725145600 |
|---|---|
| author | Wen Koh, Wen Wen Chuah, Chai |
| author_facet | Wen Koh, Wen Wen Chuah, Chai |
| author_sort | Wen Koh, Wen |
| building | UTHM Institutional Repository |
| collection | Online Access |
| description | A Key Derivation Function (KDF) derives cryptographic keys from private string and public information. The security property for the cryptographic keys is indistinguishable from the random strings of equal length. The security analysis of KDFs has received increasing attention. The practice important of KDFs are reflected in the adoption of industry standards such as NIST800-135 and PKCS5. This paper proposes a robust security framework which takes into consideration the side channel attacks. The robust security framework consists of the proposed security model and existing security models. The proposed security model is known as Adaptive Chosen All Inputs Model (CAM) which analyses the security of KDFs in terms of the bit-flipping attack and timing attack. The existing security model is the Adaptive Chosen Public Inputs Model (CPM). This research shows the implication relationship and non-implication relationship between CAM and CPM. The simulation of security models is according to the indistinguishable game played between a challenger and an adversary. These security models are used to evaluate existing KDFs. The result shows that none of the existing KDFs are secure in CAM for both the bit-flipping attack and timing attack. Hence, this research introduces an alternative KDF that is proven secure in CAM. |
| first_indexed | 2025-11-15T20:16:37Z |
| format | Article |
| id | uthm-6534 |
| institution | Universiti Tun Hussein Onn Malaysia |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T20:16:37Z |
| publishDate | 2020 |
| publisher | Institution of Engineering and Technology (IET) / Wiley Open Access |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | uthm-65342022-02-28T06:51:46Z http://eprints.uthm.edu.my/6534/ A robust security framework with bit-flipping attack and timing attack for key derivation functions Wen Koh, Wen Wen Chuah, Chai T175-178 Industrial research. Research and development A Key Derivation Function (KDF) derives cryptographic keys from private string and public information. The security property for the cryptographic keys is indistinguishable from the random strings of equal length. The security analysis of KDFs has received increasing attention. The practice important of KDFs are reflected in the adoption of industry standards such as NIST800-135 and PKCS5. This paper proposes a robust security framework which takes into consideration the side channel attacks. The robust security framework consists of the proposed security model and existing security models. The proposed security model is known as Adaptive Chosen All Inputs Model (CAM) which analyses the security of KDFs in terms of the bit-flipping attack and timing attack. The existing security model is the Adaptive Chosen Public Inputs Model (CPM). This research shows the implication relationship and non-implication relationship between CAM and CPM. The simulation of security models is according to the indistinguishable game played between a challenger and an adversary. These security models are used to evaluate existing KDFs. The result shows that none of the existing KDFs are secure in CAM for both the bit-flipping attack and timing attack. Hence, this research introduces an alternative KDF that is proven secure in CAM. Institution of Engineering and Technology (IET) / Wiley Open Access 2020 Article PeerReviewed text en http://eprints.uthm.edu.my/6534/1/AJ%202020%20%28331%29.pdf Wen Koh, Wen and Wen Chuah, Chai (2020) A robust security framework with bit-flipping attack and timing attack for key derivation functions. IET Information Security, 14 (5). pp. 562-571. ISSN 1751-8709 https://doi.org/10.1049/iet-ifs.2019.0163 |
| spellingShingle | T175-178 Industrial research. Research and development Wen Koh, Wen Wen Chuah, Chai A robust security framework with bit-flipping attack and timing attack for key derivation functions |
| title | A robust security framework with bit-flipping attack and timing attack for key derivation functions |
| title_full | A robust security framework with bit-flipping attack and timing attack for key derivation functions |
| title_fullStr | A robust security framework with bit-flipping attack and timing attack for key derivation functions |
| title_full_unstemmed | A robust security framework with bit-flipping attack and timing attack for key derivation functions |
| title_short | A robust security framework with bit-flipping attack and timing attack for key derivation functions |
| title_sort | robust security framework with bit-flipping attack and timing attack for key derivation functions |
| topic | T175-178 Industrial research. Research and development |
| url | http://eprints.uthm.edu.my/6534/ http://eprints.uthm.edu.my/6534/ http://eprints.uthm.edu.my/6534/1/AJ%202020%20%28331%29.pdf |