Abstract
A key derivation function is a function that generate one or more arbitrary length of cryptographic keys from a private string together with some public information. The generated cryptographic key(s) from this key derivation function proposals are generally indistinguishable from random binary strings of the same length based on formal mathematically proof. To date, there are designed of key derivation function proposals using cryptographic primitives such as hash functions, block ciphers and stream ciphers. However, there are limited security analysis of side channel attacks for the key derivation function proposals. This paper is to investigate the timing side channel attacks towards these three types of cryptographic primitives based key derivation function. Key derivation functions based on stream ciphers and block ciphers are input-dependent execution, the experiment results have shown that both key derivation functions proposals are vulnerable against timing side channel.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Boesgaard, M., Vesterager, M., Zenner, E.: The Rabbit stream cipher. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 69–83. Springer, Heidelberg (2008). doi:10.1007/978-3-540-68351-3_7
Brumley, D., Boneh, D.: Remote timing attacks are practical. Comput. Netw. 48(5), 701–716 (2005)
Cannière, C., Preneel, B.: Trivium. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 244–266. Springer, Heidelberg (2008). doi:10.1007/978-3-540-68351-3_18
Chen, L.: NIST SP 800-56C: Recommendation for Key Derivation through Extraction-then-Expansion. Technical report, NIST (2011)
Chuah, C.W., Dawson, E., Simpson, L.: Key derivation function: the SCKDF scheme. In: Janczewski, L.J., Wolfe, H.B., Shenoi, S. (eds.) SEC 2013. IAICT, vol. 405, pp. 125–138. Springer, Heidelberg (2013). doi:10.1007/978-3-642-39218-4_10
Eastlake, D., Hansen, T.: RFC 6234: US Secure Hash Algorithms. Technical report, Internet Engineering Task Force (2011)
Joye, M., Olivier, F.: Side-channel analysis. In: van Tilborg, H.C.A., Jajodia, S. (eds.) Encyclopedia of Cryptography and Security, pp. 1198–1204. Springer, Heidelberg (2011)
Kaliski, B.: RFC 2898: PKCS# 5, Password-based Cryptography Specification version 2.0. Technical report, Internet Engineering Task Force (2000)
Kocher, P., Jaffe, J., Jun, B., Rohatgi, P.: Introduction to differential power analysis. J. Cryptographic Eng. 1(1), 5–27 (2011)
Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996). doi:10.1007/3-540-68697-5_9
Krawczyk, H.: Cryptographic extraction and key derivation: the HKDF scheme. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 631–648. Springer, Heidelberg (2010). doi:10.1007/978-3-642-14623-7_34
Krawczyk, H., Eronen, P.: HMAC-based Extract-and-Expand Key Derivation Function (HKDF). Technical report, RFC 5869 (2010)
Longo, J., Mulder, E., Page, D., Tunstall, M.: SoC It to EM: electromagnetic side-channel attacks on a complex system-on-chip. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 620–640. Springer, Heidelberg (2015). doi:10.1007/978-3-662-48324-4_31
McGrew, D., Weis, B.: Key Derivation Functions and Their Uses (2010)
SP NIST. 800-108: Recommendation for Key Derivation Using Pseudorandom Functions (2009)
Robshaw, M.: The eSTREAM project. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 1–6. Springer, Heidelberg (2008). doi:10.1007/978-3-540-68351-3_1
Song, J., Poovendran, R., Lee, J., Iwata, T.: The AES-CMAC algorithm. Technical report (2006)
Song, J.H., Poovendran, R., Lee, J., Iwata, T.: RFC 4493: The AES-CMAC Algorithm. Technical report, Internet Engineering Task Force (2005)
Acknowledgments
This research was supported by Fundamental Research Grant Scheme (FRGS) 1558, ORICC UTHM and eGates UTHM.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Chuah, C.W., Koh, W.W. (2017). Timing Side Channel Attack on Key Derivation Functions. In: Kim, K., Joukov, N. (eds) Information Science and Applications 2017. ICISA 2017. Lecture Notes in Electrical Engineering, vol 424. Springer, Singapore. https://doi.org/10.1007/978-981-10-4154-9_31
Download citation
DOI: https://doi.org/10.1007/978-981-10-4154-9_31
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-4153-2
Online ISBN: 978-981-10-4154-9
eBook Packages: EngineeringEngineering (R0)