Timing Side Channel Attack on Key Derivation Functions

  • Conference paper
Information Science and Applications 2017 (ICISA 2017)

Part of the book series: Lecture Notes in Electrical Engineering (LNEE, volume 424)

Abstract

A key derivation function is a function that generates one or more cryptographic keys of arbitrary length from a private string together with some public information. The cryptographic keys generated by these key derivation function proposals are generally indistinguishable from random binary strings of the same length, based on formal mathematical proof. To date, key derivation function proposals have been designed using cryptographic primitives such as hash functions, block ciphers and stream ciphers. However, there is limited security analysis of side channel attacks on these key derivation function proposals. This paper investigates timing side channel attacks on key derivation functions based on these three types of cryptographic primitives. Key derivation functions based on stream ciphers and block ciphers have input-dependent execution, and the experimental results show that both key derivation function proposals are vulnerable to timing side channel attacks.



Acknowledgments

This research was supported by Fundamental Research Grant Scheme (FRGS) 1558, ORICC UTHM and eGates UTHM.

Author information


Corresponding author

Correspondence to Chai Wen Chuah.

Copyright information

© 2017 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Chuah, C.W., Koh, W.W. (2017). Timing Side Channel Attack on Key Derivation Functions. In: Kim, K., Joukov, N. (eds) Information Science and Applications 2017. ICISA 2017. Lecture Notes in Electrical Engineering, vol 424. Springer, Singapore. https://doi.org/10.1007/978-981-10-4154-9_31

  • DOI: https://doi.org/10.1007/978-981-10-4154-9_31

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-4153-2

  • Online ISBN: 978-981-10-4154-9

  • eBook Packages: Engineering, Engineering (R0)
