All-or-Nothing Key Derivation Function Based on Quasigroup String Transformation
Traditionally, Cryptographic ciphers (Block and Stream) uses Key Derivation Function (KDF) to generate cryptographic keys for encryption purpose. These KDFs are usually designed based on existing Hash functions and ciphers as primitives, to achieve better security. However, this method of constructi...
Saved in:
Published in | 2016 International Conference on Information Science and Security (ICISS) pp. 1 - 5 |
---|---|
Main Authors | , , , |
Format | Conference Proceeding |
Language | English |
Published |
IEEE
01.12.2016
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | Traditionally, Cryptographic ciphers (Block and Stream) uses Key Derivation Function (KDF) to generate cryptographic keys for encryption purpose. These KDFs are usually designed based on existing Hash functions and ciphers as primitives, to achieve better security. However, this method of construction can be costly to resources- constrain environments. The main function of KDFs is to generate random and unpredictable secret keys. Therefore, the use of predefined public string increases the predictability level and provides some partial knowledge of the key to cryptanalyst, thus jeopardies the security. This paper proposed a new algorithm to minimize the use of cryptographic Hash function and ciphers as a key derivation function and to optimally mitigate the use of predefined public string in KDF. The proposed KDF is entirely key-dependent and cryptanalyst has to correctly predict all the elements in the key string otherwise he got nothing. To achieve that, a new definition of Quasigroup string transformation, a Quasigroup- based expansion function, and key-metadata expansion function as well as reduction function are integrated together in the design of the proposed KDF. The proposed algorithm will be evaluated using statistical test for Randomness developed and recommended by the National Institute of Standard and Technology (NIST), Avalanche, Brute Force and Correlation Assessment test. The proposed algorithm will ensure not only confidentiality of information but integrity as well. |
---|---|
DOI: | 10.1109/ICISSEC.2016.7885839 |