Continuous Non-malleable Key Derivation and its Application to Related-Key Security

Author

Baodong QIN, Shanghai Jiaotong University
Shenli LIU, Shanghai Jiaotong University
Tsz Hon YUEN, Southwest University of Science and Technology
Robert H. DENG, Singapore Management UniversityFollow
Kefei CHEN, Hangzhou Normal University

Publication Type

Conference Proceeding Article

Version

publishedVersion

Publication Date

6-2015

Abstract

Related-Key Attacks (RKAs) allow an adversary to observe the outcomes of a cryptographic primitive under not only its original secret key e.g., s, but also a sequence of modified keys ϕ(s), where ϕ is specified by the adversary from a class Φ of so-called Related-Key Derivation (RKD) functions. This paper extends the notion of non-malleable Key Derivation Functions (nm-KDFs), introduced by Faust et al. (EUROCRYPT’14), to continuous nm-KDFs. Continuous nm-KDFs have the ability to protect against any a-priori unbounded number of RKA queries, instead of just a single time tampering attack as in the definition of nm-KDFs. Informally, our continuous non-malleability captures the scenario where the adversary can tamper with the original secret key repeatedly and adaptively. We present a novel construction of continuous nm-KDF for any polynomials of bounded degree over a finite field. Essentially, our result can be extended to richer RKD function classes possessing properties of high output entropy and input-output collision resistance. The technical tool employed in the construction is the one-time lossy filter (Qin et al. ASIACRYPT’13) which can be efficiently obtained under standard assumptions, e.g., DDH and DCR. We propose a framework for constructing Φ-RKA-secure IBE, PKE and signature schemes, using a continuous nm-KDF for the same Φ-class of RKD functions. Applying our construction of continuous nm-KDF to this framework, we obtain the first RKA-secure IBE, PKE and signature schemes for a class of polynomial RKD functions of bounded degree under standard assumptions. While previous constructions for the same class of RKD functions all rely on non-standard assumptions, e.g., d-extended DBDH assumption.

Keywords

Related-key attacks, Non-malleable key derivation, One-time lossy filter

Discipline

Computer Sciences | Information Security

Research Areas

Cybersecurity

Publication

Public-Key Cryptography - PKC 2015: 18th IACR International Conference on Practice and Theory in Public-Key Cryptography, Gaithersburg, MD, USA, March 30 - April 1, 2015, Proceedings

Volume

9020

First Page

557

Last Page

578

ISBN

9783662464465

Identifier

10.1007/978-3-662-46447-2_25

Publisher

Springer

City or Country

Cham

Citation

QIN, Baodong; LIU, Shenli; YUEN, Tsz Hon; DENG, Robert H.; and CHEN, Kefei. Continuous Non-malleable Key Derivation and its Application to Related-Key Security. (2015). Public-Key Cryptography - PKC 2015: 18th IACR International Conference on Practice and Theory in Public-Key Cryptography, Gaithersburg, MD, USA, March 30 - April 1, 2015, Proceedings. 9020, 557-578.
Available at: https://ink.library.smu.edu.sg/sis_research/2886

Copyright Owner and License

Publisher

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1007/978-3-662-46447-2_25