File Download
There are no files associated with this item.
Links for fulltext
(May Require Subscription)
- Publisher Website: 10.1007/978-3-662-46447-2_25
- Scopus: eid_2-s2.0-84925251362
- WOS: WOS:000406205700025
- Find via
Supplementary
- Citations:
- Appears in Collections:
Conference Paper: Continuous non-malleable key derivation and its application to related-key security
Title | Continuous non-malleable key derivation and its application to related-key security |
---|---|
Authors | |
Keywords | Related-key attacks One-time lossy filter Non-malleable key derivation |
Issue Date | 2015 |
Citation | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2015, v. 9020, p. 557-578 How to Cite? |
Abstract | © International Association for Cryptologic Research 2015. Related-Key Attacks (RKAs) allow an adversary to observe the outcomes of a cryptographic primitive under not only its original secret key e.g., s, but also a sequence of modified keys φ(s), where φ is specified by the adversary from a class Φ of so-called Related-Key Derivation (RKD) functions. This paper extends the notion of non-malleable Key Derivation Functions (nm-KDFs), introduced by Faust et al. (EUROCRYPT’14), to continuous nm-KDFs. Continuous nm-KDFs have the ability to protect against any a-priori unbounded number of RKA queries, instead of just a single time tampering attack as in the definition of nm-KDFs. Informally, our continuous non-malleability captures the scenario where the adversary can tamper with the original secret key repeatedly and adaptively. We present a novel construction of continuous nm-KDF for any polynomials of bounded degree over a finite field. Essentially, our result can be extended to richer RKD function classes possessing properties of high output entropy and input-output collision resistance. The technical tool employed in the construction is the one-time lossy filter (Qin et al. ASIACRYPT’13) which can be efficiently obtained under standard assumptions, e.g., DDH and DCR. We propose a framework for constructing Φ-RKA-secure IBE, PKE and signature schemes, using a continuous nm-KDF for the same Φ-class of RKD functions. Applying our construction of continuous nm-KDF to this framework, we obtain the first RKA-secure IBE, PKE and signature schemes for a class of polynomial RKD functions of bounded degree under standard assumptions. While previous constructions for the same class of RKD functions all rely on non-standard assumptions, e.g., d-extended DBDH assumption. |
Persistent Identifier | http://hdl.handle.net/10722/260256 |
ISSN | 2023 SCImago Journal Rankings: 0.606 |
ISI Accession Number ID |
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Qin, Baodong | - |
dc.contributor.author | Liu, Shengli | - |
dc.contributor.author | Yuen, Tsz Hon | - |
dc.contributor.author | Deng, Robert H. | - |
dc.contributor.author | Chen, Kefei | - |
dc.date.accessioned | 2018-09-12T02:00:55Z | - |
dc.date.available | 2018-09-12T02:00:55Z | - |
dc.date.issued | 2015 | - |
dc.identifier.citation | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2015, v. 9020, p. 557-578 | - |
dc.identifier.issn | 0302-9743 | - |
dc.identifier.uri | http://hdl.handle.net/10722/260256 | - |
dc.description.abstract | © International Association for Cryptologic Research 2015. Related-Key Attacks (RKAs) allow an adversary to observe the outcomes of a cryptographic primitive under not only its original secret key e.g., s, but also a sequence of modified keys φ(s), where φ is specified by the adversary from a class Φ of so-called Related-Key Derivation (RKD) functions. This paper extends the notion of non-malleable Key Derivation Functions (nm-KDFs), introduced by Faust et al. (EUROCRYPT’14), to continuous nm-KDFs. Continuous nm-KDFs have the ability to protect against any a-priori unbounded number of RKA queries, instead of just a single time tampering attack as in the definition of nm-KDFs. Informally, our continuous non-malleability captures the scenario where the adversary can tamper with the original secret key repeatedly and adaptively. We present a novel construction of continuous nm-KDF for any polynomials of bounded degree over a finite field. Essentially, our result can be extended to richer RKD function classes possessing properties of high output entropy and input-output collision resistance. The technical tool employed in the construction is the one-time lossy filter (Qin et al. ASIACRYPT’13) which can be efficiently obtained under standard assumptions, e.g., DDH and DCR. We propose a framework for constructing Φ-RKA-secure IBE, PKE and signature schemes, using a continuous nm-KDF for the same Φ-class of RKD functions. Applying our construction of continuous nm-KDF to this framework, we obtain the first RKA-secure IBE, PKE and signature schemes for a class of polynomial RKD functions of bounded degree under standard assumptions. While previous constructions for the same class of RKD functions all rely on non-standard assumptions, e.g., d-extended DBDH assumption. | - |
dc.language | eng | - |
dc.relation.ispartof | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | - |
dc.subject | Related-key attacks | - |
dc.subject | One-time lossy filter | - |
dc.subject | Non-malleable key derivation | - |
dc.title | Continuous non-malleable key derivation and its application to related-key security | - |
dc.type | Conference_Paper | - |
dc.description.nature | link_to_subscribed_fulltext | - |
dc.identifier.doi | 10.1007/978-3-662-46447-2_25 | - |
dc.identifier.scopus | eid_2-s2.0-84925251362 | - |
dc.identifier.volume | 9020 | - |
dc.identifier.spage | 557 | - |
dc.identifier.epage | 578 | - |
dc.identifier.eissn | 1611-3349 | - |
dc.identifier.isi | WOS:000406205700025 | - |
dc.identifier.issnl | 0302-9743 | - |