Adaptive chosen all inputs model for analyzing key derivation functions against bit-flip and timing side-channel attacks
Cryptographic keys are vital to ensure secure communication and secure electronic transaction. Key Derivation Function (KDF) is used to generate these cryptographic keys from a private string, salt and context information. A salt is a random string while the context information is the application sp...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English English English |
| Published: |
2019
|
| Subjects: | |
| Online Access: | http://eprints.uthm.edu.my/539/1/24p%20KOH%20WEN%20WEN.pdf http://eprints.uthm.edu.my/539/2/KOH%20WEN%20WEN%20COPYRIGHT%20DECLARATION.pdf http://eprints.uthm.edu.my/539/3/KOH%20WEN%20WEN%20WATERMARK.pdf http://eprints.uthm.edu.my/539/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Cryptographic keys are vital to ensure secure communication and secure electronic transaction. Key Derivation Function (KDF) is used to generate these cryptographic keys from a private string, salt and context information. A salt is a random string while the context information is the application specific data such as identities of communicating parties. Due to the importance of the KDF, it is mandatory to ensure the design of KDF may withstand any types of attacks. Nowadays, there are five security models used to analyze the security of KDF proposals. However, none of these security models take into account the KDF analysis against the bit-flipping attack and timing side-channel attack. Therefore, this research proposes a new security model, namely Adaptive Chosen All Inputs Model (ACAM) for analyzing the security of KDF proposals against these attacks. This research proves the implication relationship and non-implication relationship between the ACAM and the existing security model, namely Adaptive Chosen Public Inputs Model with Multiple Salts (CPM). The ACAM analyzes the security of KDF proposals in terms of the bit-flipping attack and timing side-channel attack. The result showed that only the stream cipher based KDF is vulnerable to the bit-flipping attack. However, all the existing KDFs are vulnerable to the timing side-channel attack. Finally, this research conducts the practical timing side-channel attack on KDFs that are constructed using hash functions, stream ciphers, and block ciphers. Different constructions of KDFs have resulted in different timing variation. The timing variation can reveal the length of private string and the types of cryptographic primitives used to build the KDFs. Hence, this research proposes a randomness timing solution based on the concept of random ‘for’ loop to the KDFs. The randomness timing solution protects the security of KDFs but decreases the performance of KDFs. This research brings benefits to the security researchers in which ACAM security model can be used as the benchmark to determine whether the design of KDFs consists of security weakness in terms of bit-flipping attack and timing side-channel attack.
vi |
|---|