Paper 2015/1088

Note on the RKA security of Continuously Non-Malleable Key-Derivation Function from PKC 2015

Eiichiro Fujisaki and Keita Xagawa

Abstract

Qin, Liu, Yuen, Deng, and Chen (PKC 2015) gave a new security notion of key-derivation function (KDF), continuous non-malleability with respect to $\Phi$-related-key attacks ($\Phi$-CNM), and its application to RKA-secure public-key cryptographic primitives. They constructed a KDF from cryptographic primitives and showed that the obtained KDF is $\Phi_{hoe\&iocr}$-CNM, where $\Phi_{hoe\&iocr}$ contains the identity function, the constant functions, and functions that have high output-entropy (HOE) and input-output collision-resistance (IOCR) simultaneously. This short note disproves the security of their KDF by giving $\Phi_{hoe\&iocr}$-RKAs by exploiting the components of their KDF. We note that their proof is still correct for $\Phi$-CNM for a subset of $\Phi_{hoe\&iocr}$; for example the KDF satisfies $\Phi_{poly(d)}$-CNM, in which an adversary can tamper with a secret by using polynomials of degree at most $d$.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
Related-key attacksRKA securitycontinous non-malleabilityCNM-KDF
Contact author(s)
xagawa keita @ lab ntt co jp
History
2015-12-24: revised
2015-11-09: received
See all versions
Short URL
https://ia.cr/2015/1088
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/1088,
      author = {Eiichiro Fujisaki and Keita Xagawa},
      title = {Note on the RKA security of Continuously Non-Malleable Key-Derivation Function  from PKC 2015},
      howpublished = {Cryptology ePrint Archive, Paper 2015/1088},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/1088}},
      url = {https://eprint.iacr.org/2015/1088}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.