Cryptology ePrint Archive: Report 2017/697

Increasing the Lifetime of Symmetric Keys for the GCM Mode by Internal Re-keying

Liliya R. Ahmetzyanova and Evgeny K. Alekseev and Igor B. Oshkin and Stanislav V. Smyshlyaev

Abstract: In this paper we introduce a classification of existing approaches to increase the security of block cipher operation modes based on re-keying, putting the focus on so-called internal re-keying without master key --- re-keying during each separate message processing with no additional keys required. For extending the GCM base mode we provide an internal re-keying technique called ACPKM. This technique does not require additional secret parameters or complicated transformations --- for key updating only the base encryption function is used. We quantify the security of the re-keyed GCMKM mode, respecting standard security notions with nonce-respecting adversaries, as a function of the security of a used primitive. We claim that the obtained proof framework can be reused to provide security bounds for other re-keyed modes without a master key. We also show that the ACPKM internal re-keying technique increases security, essentially extending the lifetime of a key with a minor loss in performance. We also consider the composition of internal and external re-keying and compare key lifetime limitations for the base and re-keyed GCM modes in TLS 1.3.

Category / Keywords: secret-key cryptography / key lifetime, re-keying, key diversification, key meshing, mode of operations, GCM

Date: received 13 Jul 2017

Contact author: lah at cryptopro ru

Version: 20170721:151424

Short URL: ia.cr/2017/697
