Paper 2015/1088
Note on the RKA security of Continuously Non-Malleable Key-Derivation Function from PKC 2015
Eiichiro Fujisaki and Keita Xagawa
Abstract
Qin, Liu, Yuen, Deng, and Chen (PKC 2015) gave a new security notion of key-derivation function (KDF), continuous non-malleability with respect to $\Phi$-related-key attacks ($\Phi$-CNM), and its application to RKA-secure public-key cryptographic primitives. They constructed a KDF from cryptographic primitives and showed that the obtained KDF is $\Phi_{hoe\&iocr}$-CNM, where $\Phi_{hoe\&iocr}$ contains the identity function, the constant functions, and functions that have high output-entropy (HOE) and input-output collision-resistance (IOCR) simultaneously. This short note disproves the security of their KDF by giving $\Phi_{hoe\&iocr}$-RKAs by exploiting the components of their KDF. We note that their proof is still correct for $\Phi$-CNM for a subset of $\Phi_{hoe\&iocr}$; for example the KDF satisfies $\Phi_{poly(d)}$-CNM, in which an adversary can tamper with a secret by using polynomials of degree at most $d$.
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- Preprint. MINOR revision.
- Keywords
- Related-key attacksRKA securitycontinous non-malleabilityCNM-KDF
- Contact author(s)
- xagawa keita @ lab ntt co jp
- History
- 2015-12-24: revised
- 2015-11-09: received
- See all versions
- Short URL
- https://ia.cr/2015/1088
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2015/1088,
author = {Eiichiro Fujisaki and Keita Xagawa},
title = {Note on the {RKA} security of Continuously Non-Malleable Key-Derivation Function from {PKC} 2015},
howpublished = {Cryptology {ePrint} Archive, Paper 2015/1088},
year = {2015},
url = {https://eprint.iacr.org/2015/1088}
}
