A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2010; you can also visit <a rel="external noopener" href="http://palms.ee.princeton.edu/PALMSopen/yao05design.pdf">the original URL</a>. The file type is <code>application/pdf</code>.
Design and Analysis of Password-Based Key Derivation Functions
[chapter]
<span title="">2005</span>
<i title="Springer Berlin Heidelberg">
<a target="_blank" rel="noopener" href="https://fatcat.wiki/container/2w3awgokqne6te4nvlofavy5a4" style="color: black;">Lecture Notes in Computer Science</a>
</i>
A password-based key derivation function (KDF), a function that derives cryptographic keys from a password, is necessary in many security applications. Like any password-based scheme, such KDFs are subject to key search attacks (often called dictionary attacks). Salt and iteration count are used in practice to significantly increase the workload of such attacks. These techniques have also been specified in widely adopted industry standards such as PKCS and IETF. Despite the importance and
<span class="external-identifiers">
<a target="_blank" rel="external noopener noreferrer" href="https://doi.org/10.1007/978-3-540-30574-3_17">doi:10.1007/978-3-540-30574-3_17</a>
<a target="_blank" rel="external noopener" href="https://fatcat.wiki/release/oel3mi24xbavhkwjrtbtxiihxu">fatcat:oel3mi24xbavhkwjrtbtxiihxu</a>
</span>
wide-spread usage, there has been no formal security analysis on existing constructions. In this paper, we propose a general security framework for password-based KDFs and introduce two security definitions each capturing a different attacking scenario. We study the most commonly used construction H<sup>(c)</sup>(p || s) and prove that the iteration count c, when fixed, does have an effect of stretching the password p by log<sub>2</sub> c bits. We then analyze the two standardized KDFs in PKCS#5. We show that both are secure if the adversary cannot influence the parameters but subject to attacks otherwise. Finally, we propose a new password-based KDF that is provably secure even when the adversary has full control of the parameters.
<a target="_blank" rel="noopener" href="https://web.archive.org/web/20100620163609/http://palms.ee.princeton.edu/PALMSopen/yao05design.pdf" title="fulltext PDF download">Web Archive [PDF]</a>