
On The Security of Key Derivation Functions

  • Conference paper
Information Security (ISC 2004)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 3225)


Abstract

Key derivation functions are commonly used within many cryptographic schemes in order to distribute the entropy contained in an uneven way in a long stream of bits into a string that can be used directly as a symmetric key or as a seed for a pseudo-random number generator, or to convert short strings such as passwords into symmetric keys. This paper examines the common key derivation function constructions and shows that most of these have some concerning properties. In some situations, the use of these key derivation functions may actually limit the security that would otherwise be obtained. A new construction is also provided which seems to have better properties and an intuitive justification for its security is given.




© 2004 Springer-Verlag Berlin Heidelberg


Cite this paper

Adams, C., Kramer, G., Mister, S., Zuccherato, R. (2004). On The Security of Key Derivation Functions. In: Zhang, K., Zheng, Y. (eds) Information Security. ISC 2004. Lecture Notes in Computer Science, vol 3225. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30144-8_12


  • DOI: https://doi.org/10.1007/978-3-540-30144-8_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-23208-7

  • Online ISBN: 978-3-540-30144-8

  • eBook Packages: Springer Book Archive
