Paper 2015/375
Bounds on surmising remixed keys
Daniel R. L. Brown
Abstract
A remixed key is derived from a secret source key by applying a public but unpredictable random function to the source key. A remixed key models a key derived from a shared secret and a public unpredictable salt, using a common, deterministic, pseudorandom function---which is somewhat like TLS record-layer keys. This report tries to validate the intuition that remixed keys are not easy to surmise, in other words, that remixing does not introduce an exploitable spike in the probability distribution of the remixed key. The report provides pencil-and-paper proofs of numerical bounds on the probability that an adversary can surmise a remixed key, assuming a uniformly random source key and remix function. The proofs are derived from a proof of an asymptotic result on probability theory in a textbook by Shoup.
Note: More credit to Shoup.
Metadata
- Available format(s)
- Category
- Foundations
- Publication info
- Preprint. MINOR revision.
- Keywords
- Key derivationentropy
- Contact author(s)
- dbrown @ certicom com
- History
- 2018-05-07: last of 6 revisions
- 2015-04-24: received
- See all versions
- Short URL
- https://ia.cr/2015/375
- License
-
CC BY