Fuzzy Evaluation Scheme for KDF Based on Stream Ciphers

  • Hamijah Mohd. Rahman
  • Nureize Arbaiy
  • Chuah Chai Wen
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 700)


Cryptography is a practice of technique to ensure security by using the cryptography keys. Key derivation function (KDF) is a standard algorithm to generate these cryptographic keys. Stream ciphers are one of the cryptographic primitives that are used to construct the key derivation function namely key derivation function based on stream ciphers. Though the key derivation function based on stream ciphers have a great role in security, it is necessary to have a framework which can evaluate the security level of the different types of key derivation function based on stream ciphers. Random oracle model (ROM) is the current procedure to proofs the security of KDF. However, the security evaluation of ROM did not evaluate the degree of secureness of KDF as it can only proof either the KDF is theoretically secure or insecure. Hence, this research applies fuzzy evaluation method to form a framework to evaluate the degree of secureness of the KDF for different types of key derivation function based on stream ciphers. Key sizes and complexity attacks are two main variables which are considered in the design of fuzzy rule. The proposed method introduces the information extraction to construct fuzzy membership function and rules. The result from this proposal is effective to approximate the security aspect in the computer system as well as network system.


Key derivation function Stream cipher Fuzzy logic Membership function Fuzzy evaluation 



This research was supported by FRGS Vot 1558, RMC UTHM, and Gates IT Solution Sdn.Bhd.


  1. 1.
    Krawczyk, H.: Cryptographic extraction and key derivation: the HKDF scheme. In: Annual Cryptology Conference, pp. 631–648. Springer, Berlin, Heidelberg (2010)Google Scholar
  2. 2.
    Bakhtiari, M., Maarof, M.A.: An efficient stream cipher algorithm for data encryption. Int. J. Comput. Sci. Issues 8(3) (2011)Google Scholar
  3. 3.
    Yun, J., Park, K.W., Shin, Y., Kim, H.D.: An efficient stream cipher for resistive RAM. IEICE Electron. Express 14(7), 20170179–20170179 (2017)Google Scholar
  4. 4.
    Vidal, G., Baptista, M.S., Mancini, H.: A fast and light stream cipher for smartphones. Eur. Phys. J. Spec. Top. 223(8), 1601–1610 (2014)CrossRefGoogle Scholar
  5. 5.
    Chuah, C.W., Dawson, E., Simpson, L.: Key derivation function: the SCKDF scheme. In: IFIP International Information Security Conference, pp. 125–138. Springer, Berlin, Heidelberg (2013)Google Scholar
  6. 6.
    Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: CCS ’93, pp. 62–73. ACM Press (1993)Google Scholar
  7. 7.
    Chuah, C.W., Dawson, E., Nieto, J.M.G., Simpson, L.: A framework for security analysis of key derivation functions. In: International Conference on Information Security Practice and Experience, pp. 199–216. Springer, Berlin, Heidelberg (2012)Google Scholar
  8. 8.
    Ekdahl, P., Johansson, T.: Another attack on A5/1. IEEE Trans. Inf. Theory 49(1), 284–289 (2003)MathSciNetCrossRefMATHGoogle Scholar
  9. 9.
    Lee, Y., Jeong, K., Sung, J., Hong, S.: Related-key chosen IV attacks on Grain-v1 and Grain-128. In: Australasian Conference on Information Security and Privacy, pp. 321–335. Springer, Berlin, Heidelberg (2008)Google Scholar
  10. 10.
    Quedenfeld, F.M., Wolf, C.: Advanced algebraic attack on Trivium. In: International Conference on Mathematical Aspects of Computer and Information Sciences, pp. 268–282. Springer International Publishing (2015)Google Scholar
  11. 11.
    A Distinguish attack on Rabbit Stream Cipher Based on Multiple Cube Tester. IACR Cryptol. ePrint Archive 780 (2013)Google Scholar
  12. 12.
    Al Maliky, S.B.S., Jawad, S.F.: Fuzzy logic-based security evaluation of stream cipher. In: Multidisciplinary Perspectives in Cryptology and Information Security, pp. 157–178. IGI Global (2014)Google Scholar
  13. 13.
    Azadegan, A., Porobic, L., Ghazinoory, S., Samouei, P., Kheirkhah, A.S.: Fuzzy logic in manufacturing: a review of literature and a specialized application. Int. J. Prod. Econ. 132(2), 258–270 (2011)CrossRefGoogle Scholar
  14. 14.
    Goztepe, K.: Designing fuzzy rule based expert system for cyber security. Int. J. Inf. Secur. Sci. 1(1), 13–19 (2012)Google Scholar
  15. 15.
    Sallam, H.: Cyber security risk assessment using multi fuzzy inference system. IJEIT 4(8), 13–19 (2015)Google Scholar
  16. 16.
    Bhusari, K.P., Kale, S.G.: Intrusion detection in wireless network using fuzzy rules. Virus 10 (11)Google Scholar
  17. 17.
    Mohammed, S.A., Sadkhan, S.B.: Block cipher security evaluation based on fuzzy logic. In: 2013 International Conference on Electrical, Communication, Computer, Power, and Control Engineering (ICECCPCE), pp. 169–173. IEEE (2013)Google Scholar
  18. 18.
    Klir, G.J., Yuan, B.: Fuzzy Sets and Fuzzy Logic: Theory and Applications (1996)Google Scholar
  19. 19.
    Sumathi, S., Paneerselvam, S.: Computational Intelligence Paradigms: Theory and Application Using MATLAB. CRC Press (2010)Google Scholar
  20. 20.
    Mamdani, E.H., Assilian, S.: An experiment in linguistic synthesis with a fuzzy logic controller. Int. J. Man Mach. Stud. 7(1), 1–13 (1975)CrossRefMATHGoogle Scholar
  21. 21.
    Iancu, I.: A Mamdani Type Fuzzy Logic Controller. INTECH Open Access Publisher, Rijeka (2012)CrossRefGoogle Scholar
  22. 22.
    Mendel, J.M.: Fuzzy logic system for engineering: a tutorial. IEEE Trans. Fuzzy Syst. (1995)Google Scholar
  23. 23.
    Mukherjee, P.: An Overview of eSTREAM Ciphers. Centre of Excellence in Cryptology, Indian Statistical Institute, Kolkata, India (2013)Google Scholar

Copyright information

© Springer International Publishing AG 2018

Authors and Affiliations

  • Hamijah Mohd. Rahman
    • 1
    • 2
  • Nureize Arbaiy
    • 1
  • Chuah Chai Wen
    • 2
  1. 1.Soft Computing and Data Mining (SMC), Faculty of Computer Science and Information TechnologyUniversiti Tun Hussein OnnParit Raja, Batu PahatMalaysia
  2. 2.Information Security Interest Group (ISIG), Faculty of Computer Science and Information TechnologyUniversiti Tun Hussein OnnParit Raja, Batu PahatMalaysia

Personalised recommendations