Randomness Extraction and Key Derivation Using the CBC, Cascade and HMAC Modes


Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2004

AUTHORS

Yevgeniy Dodis , Rosario Gennaro , Johan Håstad , Hugo Krawczyk , Tal Rabin

ABSTRACT

We study the suitability of common pseudorandomness modes associated with cryptographic hash functions and block ciphers (CBC-MAC, Cascade and HMAC) for the task of “randomness extraction”, namely, the derivation of keying material from semi-secret and/or semi-random sources. Important applications for such extractors include the derivation of strong cryptographic keys from non-uniform sources of randomness (for example, to extract a seed for a pseudorandom generator from a weak source of physical or digital noise), and the derivation of pseudorandom keys from a Diffie-Hellman value. Extractors are closely related in their applications to pseudorandom functions and thus it is attractive to (re)use the common pseudorandom modes as randomness extractors. Yet, the crucial difference between pseudorandom generation and randomness extraction is that the former uses random secret keys while the latter uses random but known keys. We show that under a variety of assumptions on the underlying primitives (block ciphers and compression functions), ranging from ideal randomness assumptions to realistic universal-hashing properties, these modes induce good extractors. Hence, these schemes represent a more practical alternative to combinatorial extractors (that are seldom used in practice), and a better-analyzed alternative to the common practice of using SHA-1 or MD5 (as a single un-keyed function) for randomness extraction. In particular, our results serve to validate the method of key extraction and key derivation from Diffie-Hellman values used in the IKE (IPsec’s Key Exchange) protocol.

PAGES

494-510

Book

TITLE

Advances in Cryptology – CRYPTO 2004

ISBN

978-3-540-22668-0
978-3-540-28628-8

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-540-28628-8_30

DOI

http://dx.doi.org/10.1007/978-3-540-28628-8_30

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1036339578



[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Data Format", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "New York University", 
          "id": "http://www.grid.ac/institutes/grid.137628.9", 
          "name": [
            "New York University"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Dodis", 
        "givenName": "Yevgeniy", 
        "id": "sg:person.015074130645.34", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015074130645.34"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "IBM Research", 
          "id": "http://www.grid.ac/institutes/None", 
          "name": [
            "IBM Research"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Gennaro", 
        "givenName": "Rosario", 
        "id": "sg:person.013573255563.35", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013573255563.35"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Royal Institute, Sweden", 
          "id": "http://www.grid.ac/institutes/None", 
          "name": [
            "Royal Institute, Sweden"
          ], 
          "type": "Organization"
        }, 
        "familyName": "H\u00e5stad", 
        "givenName": "Johan", 
        "id": "sg:person.011562747461.61", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011562747461.61"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Technion, Israel, and IBM Research", 
          "id": "http://www.grid.ac/institutes/None", 
          "name": [
            "Technion, Israel, and IBM Research"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Krawczyk", 
        "givenName": "Hugo", 
        "id": "sg:person.013004021661.30", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.013004021661.30"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "IBM Research", 
          "id": "http://www.grid.ac/institutes/None", 
          "name": [
            "IBM Research"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Rabin", 
        "givenName": "Tal", 
        "id": "sg:person.015473523512.58", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015473523512.58"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2004", 
    "datePublishedReg": "2004-01-01", 
    "description": "We study the suitability of common pseudorandomnessmodes associated with cryptographic hash functions and block ciphers (CBC-MAC, Cascade and HMAC) for the task of \u201crandomness extraction\u201d, namely, the derivation of keying material from semi-secret and/or semi-random sources. Important applications for such extractors include the derivation of strong cryptographic keys from non-uniform sources of randomness (for example, to extract a seed for a pseudorandom generator from a weak source of physical or digital noise), and the derivation of pseudorandom keys from a Diffie-Hellman value.Extractors are closely related in their applications to pseudorandom functions and thus it is attractive to (re)use the common pseudorandom modes as randomness extractors. Yet, the crucial difference between pseudorandom generation and randomness extraction is that the former uses random secret keys while the latter uses random but known keys. We show that under a variety of assumptions on the underlying primitives (block ciphers and compression functions), ranging from ideal randomness assumptions to realistic universal-hashing properties, these modes induce good extractors. Hence, these schemes represent a more practical alternative to combinatorial extractors (that are seldom used in practice), and a better-analyzed alternative to the common practice of using SHA-1 or MD5 (as a single un-keyed function) for randomness extraction. In particular, our results serve to validate the method of key extraction and key derivation from Diffie-Hellman values used in the IKE (IPsec\u2019s Key Exchange) protocol.", 
    "editor": [
      {
        "familyName": "Franklin", 
        "givenName": "Matt", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-540-28628-8_30", 
    "inLanguage": "en", 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-540-22668-0", 
        "978-3-540-28628-8"
      ], 
      "name": "Advances in Cryptology \u2013 CRYPTO 2004", 
      "type": "Book"
    }, 
    "keywords": [
      "key derivation", 
      "cryptographic hash functions", 
      "strong cryptographic keys", 
      "random secret key", 
      "randomness extraction", 
      "cryptographic keys", 
      "IKE protocol", 
      "hash function", 
      "secret key", 
      "pseudorandom key", 
      "SHA-1", 
      "key extraction", 
      "pseudorandom functions", 
      "block cipher", 
      "extractor", 
      "pseudorandom generation", 
      "important applications", 
      "randomness extractors", 
      "key", 
      "such extractors", 
      "non-uniform sources", 
      "extraction", 
      "best extractor", 
      "MD5", 
      "primitives", 
      "cipher", 
      "applications", 
      "task", 
      "variety of assumptions", 
      "scheme", 
      "common practice", 
      "practical alternative", 
      "protocol", 
      "randomness", 
      "derivation", 
      "assumption", 
      "generation", 
      "method", 
      "suitability", 
      "alternative", 
      "source", 
      "variety", 
      "function", 
      "mode", 
      "results", 
      "practice", 
      "values", 
      "crucial difference", 
      "CBC", 
      "randomness assumption", 
      "properties", 
      "semi-random sources", 
      "cascade", 
      "differences", 
      "materials"
    ], 
    "name": "Randomness Extraction and Key Derivation Using the CBC, Cascade and HMAC Modes", 
    "pagination": "494-510", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1036339578"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-540-28628-8_30"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-540-28628-8_30", 
      "https://app.dimensions.ai/details/publication/pub.1036339578"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-05-10T10:55", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220509/entities/gbq_results/chapter/chapter_91.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-540-28628-8_30"
  }
]

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-540-28628-8_30'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-540-28628-8_30'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-540-28628-8_30'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-540-28628-8_30'


 
