key derivation function

The Experts below are selected from a list of 2886 Experts worldwide ranked by ideXlab platform

Yiqun Lisa Yin - One of the best experts on this subject based on the ideXlab platform.

  • Design and analysis of password-based key derivation functions
    IEEE Transactions on Information Theory, 2005
    Co-Authors: Frances F. Yao, Yiqun Lisa Yin
    Abstract:

    A password-based key derivation function (KDF)—a function that derives cryptographic keys from a password—is necessary in many security applications. Like any password-based schemes, such KDFs are subject to key search attacks (often called dictionary attacks). Salt and iteration count are used in practice to significantly increase the workload of such attacks. These techniques have also been specified in widely adopted industry standards such as PKCS and IETF. Despite the importance and widespread usage, there has been no formal security analysis on existing constructions. In this correspondence, we propose a general security framework for password-based KDFs and introduce two security definitions each capturing a different attacking scenario. We study the most commonly used construction $H^{(c)}(p \Vert s)$ and prove that the iteration count $c$, when fixed, does have an effect of stretching the password $p$ by $\log_2 c$ bits. We then analyze the two standardized KDFs in PKCS #5. We show that both are secure if the adversary cannot influence the parameters but subject to attacks otherwise. Finally, we propose a new password-based KDF that is provably secure even when the adversary has full control of the parameters.

  • CT-RSA - Design and analysis of password-based key derivation functions
    Lecture Notes in Computer Science, 2005
    Co-Authors: Frances F. Yao, Yiqun Lisa Yin
    Abstract:

    A password-based key derivation function (KDF) – a function that derives cryptographic keys from a password – is necessary in many security applications. Like any password-based schemes, such KDFs are subject to key search attacks (often called dictionary attacks). Salt and iteration count are used in practice to significantly increase the workload of such attacks. These techniques have also been specified in widely adopted industry standards such as PKCS and IETF. Despite the importance and wide-spread usage, there has been no formal security analysis on existing constructions. In this paper, we propose a general security framework for password-based KDFs and introduce two security definitions each capturing a different attacking scenario. We study the most commonly used construction $H^{(c)}(p \Vert s)$ and prove that the iteration count $c$, when fixed, does have an effect of stretching the password $p$ by $\log_2 c$ bits. We then analyze the two standardized KDFs in PKCS#5. We show that both are secure if the adversary cannot influence the parameters but subject to attacks otherwise. Finally, we propose a new password-based KDF that is provably secure even when the adversary has full control of the parameters.

Frances F. Yao - One of the best experts on this subject based on the ideXlab platform.

  • Design and analysis of password-based key derivation functions
    IEEE Transactions on Information Theory, 2005
    Co-Authors: Frances F. Yao, Yiqun Lisa Yin
    Abstract:

    A password-based key derivation function (KDF)—a function that derives cryptographic keys from a password—is necessary in many security applications. Like any password-based schemes, such KDFs are subject to key search attacks (often called dictionary attacks). Salt and iteration count are used in practice to significantly increase the workload of such attacks. These techniques have also been specified in widely adopted industry standards such as PKCS and IETF. Despite the importance and widespread usage, there has been no formal security analysis on existing constructions. In this correspondence, we propose a general security framework for password-based KDFs and introduce two security definitions each capturing a different attacking scenario. We study the most commonly used construction $H^{(c)}(p \Vert s)$ and prove that the iteration count $c$, when fixed, does have an effect of stretching the password $p$ by $\log_2 c$ bits. We then analyze the two standardized KDFs in PKCS #5. We show that both are secure if the adversary cannot influence the parameters but subject to attacks otherwise. Finally, we propose a new password-based KDF that is provably secure even when the adversary has full control of the parameters.

  • CT-RSA - Design and analysis of password-based key derivation functions
    Lecture Notes in Computer Science, 2005
    Co-Authors: Frances F. Yao, Yiqun Lisa Yin
    Abstract:

    A password-based key derivation function (KDF) – a function that derives cryptographic keys from a password – is necessary in many security applications. Like any password-based schemes, such KDFs are subject to key search attacks (often called dictionary attacks). Salt and iteration count are used in practice to significantly increase the workload of such attacks. These techniques have also been specified in widely adopted industry standards such as PKCS and IETF. Despite the importance and wide-spread usage, there has been no formal security analysis on existing constructions. In this paper, we propose a general security framework for password-based KDFs and introduce two security definitions each capturing a different attacking scenario. We study the most commonly used construction $H^{(c)}(p \Vert s)$ and prove that the iteration count $c$, when fixed, does have an effect of stretching the password $p$ by $\log_2 c$ bits. We then analyze the two standardized KDFs in PKCS#5. We show that both are secure if the adversary cannot influence the parameters but subject to attacks otherwise. Finally, we propose a new password-based KDF that is provably secure even when the adversary has full control of the parameters.

Vashek Matyáš - One of the best experts on this subject based on the ideXlab platform.

  • Examining PBKDF2 security margin—Case study of LUKS
    Elsevier BV, 2019
    Co-Authors: A. Visconti, Milan Brož, O. Mosnáček, Vashek Matyáš
    Abstract:

    Passwords are widely used to protect our sensitive information or to gain access to specific resources. They should be changed frequently and be strong enough to prevent well-known attacks. Unfortunately, user-chosen passwords are usually short and lack sufficient entropy. A possible solution to these problems is to adopt a key derivation function (KDF) that allows legitimate users to spend a moderate amount of time on key derivation, while imposing CPU/memory-intensive operations on the attacker side. In this paper, we focus on long-term passwords secured by the Password-Based Key Derivation Function 2 (PBKDF2) and present the case study of Linux Unified Key Setup (LUKS), a disk-encryption specification commonly implemented in Linux-based operating systems. In particular, we describe how LUKS protects long-term keys by means of iteration counts defined at runtime, and analyze how external factors may affect the iteration counts computation. In doing so, we provide means of evaluating the iteration count values defined at run-time and experimentally show to what level PBKDF2 is still capable of providing sufficient security margin for a LUKS implementation.

  • STM - Selecting a New Key Derivation Function for Disk Encryption
    Security and Trust Management, 2015
    Co-Authors: Milan Brož, Vashek Matyáš
    Abstract:

    Many full disk encryption applications rely on a strong password-based key derivation function to process a passphrase. This article defines requirements for key derivation functions and analyzes recently presented password hashing functions (second round finalists of the Password Hashing Competition) for their suitability for disk encryption.

  • selecting a new key derivation function for disk encryption
    International Workshop on Security, 2015
    Co-Authors: Milan Brož, Vashek Matyáš
    Abstract:

    Many full disk encryption applications rely on a strong password-based key derivation function to process a passphrase. This article defines requirements for key derivation functions and analyzes recently presented password hashing functions (second round finalists of the Password Hashing Competition) for their suitability for disk encryption.

Mazani Manaf - One of the best experts on this subject based on the ideXlab platform.

  • secured authentication using anonymity and password based key derivation function
    Intelligent Information Systems, 2016
    Co-Authors: Mohd Izuan Mohd Saad, Kamarularifin Abd Jalil, Mazani Manaf
    Abstract:

    In a cloud environment, security is a vital issue that will bring a major impact to business operation. The cloud service provider has to ensure that data storage and the communication medium are highly secured. In recent years, the password-based authentication method has gained attention because of its simplicity, its capability in providing a secured process and its resistance to vulnerabilities. Nevertheless, there is still an issue in providing user identity protection and integrity of data from being abused by an adversary. Most of the current schemes involve a third party in the verification process, and some of the schemes expose the user’s identity during the authentication process. These can lead to trust and transparency concerns for the user. Exposing the user identity gives the adversary a chance to perform an impersonation attack by impersonating a legitimate user. Thus, a strong cryptographic algorithm with a secure key exchange protocol is needed to further enhance the authentication process. This paper proposed an enhancement of a password-based authentication scheme with anonymity features and a key derivation function. The proposed scheme uses the Secure Remote Password (SRP) protocol and Password-Based Key Derivation Function 2 (PBKDF2) to enhance the authentication process. This paper also presents the anonymity description in the authentication process, which preserves the user’s identity information from being exposed. Anonymity is one of the imperative features that could hide the identity of users during the authentication process. This is then followed by a discussion comparing the password-based authentication scheme with other methods of authentication. Finally, this paper presents the flow of the proposed scheme, which involved some algorithm modification. This research significantly enhances the security level in password-based authentication using anonymity features and PBKDF2 to preserve the user’s privacy and to resist any attack vulnerabilities.

  • MobiWIS - Secured Authentication Using Anonymity and Password-Based Key Derivation Function
    Mobile Web and Intelligent Information Systems, 2016
    Co-Authors: Mohd Izuan Mohd Saad, Kamarularifin Abd Jalil, Mazani Manaf
    Abstract:

    In a cloud environment, security is a vital issue that will bring a major impact to business operation. The cloud service provider has to ensure that data storage and the communication medium are highly secured. In recent years, the password-based authentication method has gained attention because of its simplicity, its capability in providing a secured process and its resistance to vulnerabilities. Nevertheless, there is still an issue in providing user identity protection and integrity of data from being abused by an adversary. Most of the current schemes involve a third party in the verification process, and some of the schemes expose the user’s identity during the authentication process. These can lead to trust and transparency concerns for the user. Exposing the user identity gives the adversary a chance to perform an impersonation attack by impersonating a legitimate user. Thus, a strong cryptographic algorithm with a secure key exchange protocol is needed to further enhance the authentication process. This paper proposed an enhancement of a password-based authentication scheme with anonymity features and a key derivation function. The proposed scheme uses the Secure Remote Password (SRP) protocol and Password-Based Key Derivation Function 2 (PBKDF2) to enhance the authentication process. This paper also presents the anonymity description in the authentication process, which preserves the user’s identity information from being exposed. Anonymity is one of the imperative features that could hide the identity of users during the authentication process. This is then followed by a discussion comparing the password-based authentication scheme with other methods of authentication. Finally, this paper presents the flow of the proposed scheme, which involved some algorithm modification. This research significantly enhances the security level in password-based authentication using anonymity features and PBKDF2 to preserve the user’s privacy and to resist any attack vulnerabilities.

Chai Wen Chuah - One of the best experts on this subject based on the ideXlab platform.

  • Robust security framework with bit-flipping attack and timing attack for key derivation functions
    IET Information Security, 2020
    Co-Authors: Wen Wen Koh, Chai Wen Chuah
    Abstract:

    A key derivation function (KDF) derives cryptographic keys from a private string and public information. The security property for the cryptographic keys is that they are indistinguishable from random strings of equal length. The security analysis of KDFs has received increasing attention. The practical importance of KDFs is reflected in the adoption of industry standards such as NIST800-135 and PKCS5. This study proposes a robust security framework that takes into consideration the side-channel attacks. The robust security framework consists of the proposed security model and existing security models. The proposed security model is known as Adaptive Chosen All Inputs Model (CAM), which analyses the security of KDFs in terms of the bit-flipping attack and timing attack. The existing security model is the Adaptive Chosen Public Inputs Model (CPM). This research shows the implication relationship and the non-implication relationship between CAM and CPM. The simulation of security models is according to the indistinguishability game played between a challenger and an adversary. These security models are used to evaluate existing KDFs. The result shows that none of the existing KDFs are secure in CAM for both the bit-flipping attack and timing attack. Hence, this research introduces an alternative KDF that is proven secure in CAM.

  • on the security analysis of weak cryptographic primitive based key derivation function
    International Conference on Information Science and Applications, 2017
    Co-Authors: Chai Wen Chuah, Mustafa Mat Deris, Ed Dawson
    Abstract:

    A key derivation function is a function that generates one or more cryptographic keys from a private string together with some public information. The generated cryptographic key(s) must be indistinguishable from random binary strings of the same length. To date, there are key derivation function proposals designed using cryptographic primitives such as hash functions, block ciphers and stream ciphers. The security of key derivation functions is based on the assumption that the underlying cryptographic primitives are secure from attacks. Unfortunately, the current works do not investigate the consequences for key derivation functions if the cryptographic primitives that are used to build the key derivation functions are broken. In this paper, we confirm by results that when the cryptographic primitives that are used to build the key derivation functions are broken, the adversaries are able to distinguish the cryptographic key from a random binary string of the same length.

  • ICISA - On the Security Analysis of Weak Cryptographic Primitive Based Key Derivation Function
    Information Science and Applications 2017, 2017
    Co-Authors: Chai Wen Chuah, Mustafa Mat Deris, Ed Dawson
    Abstract:

    A key derivation function is a function that generates one or more cryptographic keys from a private string together with some public information. The generated cryptographic key(s) must be indistinguishable from random binary strings of the same length. To date, there are key derivation function proposals designed using cryptographic primitives such as hash functions, block ciphers and stream ciphers. The security of key derivation functions is based on the assumption that the underlying cryptographic primitives are secure from attacks. Unfortunately, the current works do not investigate the consequences for key derivation functions if the cryptographic primitives that are used to build the key derivation functions are broken. In this paper, we confirm by results that when the cryptographic primitives that are used to build the key derivation functions are broken, the adversaries are able to distinguish the cryptographic key from a random binary string of the same length.

  • ICISA - Timing Side Channel Attack on Key Derivation Functions
    Information Science and Applications 2017, 2017
    Co-Authors: Chai Wen Chuah, Wen Wen Koh
    Abstract:

    A key derivation function is a function that generates one or more cryptographic keys of arbitrary length from a private string together with some public information. The cryptographic key(s) generated by these key derivation function proposals are generally indistinguishable from random binary strings of the same length, based on formal mathematical proof. To date, there are key derivation function proposals designed using cryptographic primitives such as hash functions, block ciphers and stream ciphers. However, there is limited security analysis of side channel attacks on the key derivation function proposals. This paper investigates timing side channel attacks on key derivation functions based on these three types of cryptographic primitives. Key derivation functions based on stream ciphers and block ciphers have input-dependent execution; the experimental results show that both key derivation function proposals are vulnerable to timing side channel attacks.

  • key derivation function based on stream ciphers
    2014
    Co-Authors: Chai Wen Chuah
    Abstract:

    A key derivation function (KDF) is a function that transforms secret non-uniformly random source material together with some public strings into one or more cryptographic keys. These cryptographic keys are used with a cryptographic algorithm for protecting electronic data during both transmission over insecure channels and storage. In this thesis, we propose a new method for constructing a generic stream cipher based key derivation function. We show that our proposed key derivation function based on stream ciphers is secure if the underlying stream cipher is secure. We simulate instances of this stream cipher based key derivation function using three eStream finalists: Trivium, Sosemanuk and Rabbit. The simulation results show these stream cipher based key derivation functions offer efficiency advantages over the more commonly used key derivation functions based on block ciphers and hash functions.