Further More on Key Wrapping
スポンサーリンク
概要
- 論文の詳細を見る
Constructing a secure and efficient key wrapping scheme is demanding, and the scheme based on a universal hash function and an elementary encryption mode like ECB and CBC modes is potential for a practical use. However, at SAC 2009, Gennaro and Halevi showed that a key wrapping scheme using a universal hash function and ECB mode (a HtECB scheme) is broken, and the security of a scheme based on a universal hash function and CBC mode (a HtCBC scheme) has been left as an open problem. In this paper, we first generalize classical notions of universal and uniform hash functions, and propose a total of four new notions of the keyed hash function. We then prove that HtECB and HtCBC schemes are secure key wrapping schemes if the universal hash function satisfies uniformity and our notions, where the result on the HtCBC scheme gives a partial answer to the open problem. Then we discuss a basic problem of identifying relations between various notions of a keyed hash function, and point out that a monic polynomial hash function satisfies all the new notions.
- 2012-01-01
著者
-
Iwata Tetsu
Dept. Of Computational Science And Engineering Nagoya University
-
Osaki Yasushi
Dept. Of Computational Science And Engineering Nagoya University
関連論文
- Side Channel Attacks on Message Authentication Codes (特集:ユビキタス社会を支えるコンピュータセキュリティ技術)
- How to Construct Super-Pseudorandom Permutations with Short Keys(Symmetric Cryptography,Cryptography and Information Security)
- Further More on Key Wrapping
- Improving the Permutation Layer of Type 1, Type 3, Source-Heavy, and Target-Heavy Generalized Feistel Structures
- Cryptanalysis of 249-, 250-, ..., 256-Bit Key HyRAL via Equivalent Keys
- Security of Hash-then-CBC Key Wrapping Revisited
- Side Channel Attacks on Message Authentication Codes
- Side Channel Attacks on Message Authentication Codes