A Framework for Security Analysis of Key Derivation Functions

  • Chuah Chai Wen
  • Edward Dawson
  • Juan Manuel González Nieto
  • Leonie Simpson
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7232)


This paper presents a comprehensive formal security framework for key derivation functions (KDF). The major security goal for a KDF is to produce cryptographic keys from a private seed value where the derived cryptographic keys are indistinguishable from random binary strings. We form a framework of five security models for KDFs. This consists of four security models that we propose: Known Public Inputs Attack (KPM, KPS), Adaptive Chosen Context Information Attack (CCM) and Adaptive Chosen Public Inputs Attack(CPM); and another security model, previously defined by Krawczyk [6], which we refer to as Adaptive Chosen Context Information Attack(CCS). These security models are simulated using an indistinguisibility game. In addition we prove the relationships between these five security models and analyse KDFs using the framework (in the random oracle model).


Key derivation function Security framework Indistinguishability Cryptographic keys 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Adams, C., Kramer, G., Mister, S., Zuccherato, R.: On The Security of Key Derivation Functions. In: Zhang, K., Zheng, Y. (eds.) ISC 2004. LNCS, vol. 3225, pp. 134–145. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  2. 2.
    Barak, B., Shaltiel, R., Tromer, E.: True Random Number Generators Secure in a Changing Environment. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 166–180. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  3. 3.
    Dang, Q.: Recommendation for Existing Application-Specific Key Derivation Functions. NIST Special Publication 800, 135 (2010)Google Scholar
  4. 4.
    Kaliski, B.: PKCS# 5: Password-based cryptography specification version 2.0. Technical report, RFC 2898 (September 2000)Google Scholar
  5. 5.
    Krawczyk, H.: On Extract-then-Expand Key Derivation Functions and an HMAC-based KDF (2008),
  6. 6.
    Krawczyk, H.: Cryptographic Extraction and Key Derivation: The HKDF Scheme. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 631–648. Springer, Heidelberg (2010)Google Scholar
  7. 7.
    Krawczyk, H., Eronen, P.: HMAC-based Extract-and-Expand Key Derivation Function (HKDF). Technical report, RFC 5869 (May 2010)Google Scholar
  8. 8.
    McGrew, D., Weis, B.: Key Derivation Functions and Their Uses (2010),
  9. 9.
    Shoup, V.: ISO 18033-2: An emerging standard for public-key encryption. Final Committee Draft (December 2004)Google Scholar
  10. 10.
    Yao, F.F., Yin, Y.L.: Design and Analysis of Password-Based Key Derivation Functions. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 245–261. Springer, Heidelberg (2005)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Chuah Chai Wen
    • 1
  • Edward Dawson
    • 1
  • Juan Manuel González Nieto
    • 1
  • Leonie Simpson
    • 1
  1. 1.Queensland University of TechnologyAustralia

Personalised recommendations