Security of Symmetric Primitives under Incorrect Usage of Keys

Pooya Farshim (1, 2, 3), Claudio Orlandi (4), Răzvan Roşie (2)

1. CASCADE - Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities; DI-ENS - Département d'informatique de l'École normale supérieure, ENS Paris - École normale supérieure - Paris, CNRS - Centre National de la Recherche Scientifique : UMR 8548, Inria de Paris
Abstract: We study the security of symmetric primitives under the incorrect usage of keys. Roughly speaking, a key-robust scheme does not output ciphertexts/tags that are valid with respect to distinct keys. Key-robustness is a notion that is often tacitly expected/assumed in protocol design — as is the case with anonymous auction, oblivious transfer, or public-key encryption. We formalize simple, yet strong definitions of key robustness for authenticated-encryption, message-authentication codes and PRFs. We show standard notions (such as AE or PRF security) guarantee a basic level of key-robustness under honestly generated keys, but fail to imply key-robustness under adversarially generated (or known) keys. We show robust encryption and MACs compose well through generic composition, and identify robust PRFs as the main primitive used in building robust schemes. Standard hash functions are expected to satisfy key-robustness and PRF security, and hence suffice for practical instantiations. We however provide further theoretical justifications (in the standard model) by constructing robust PRFs from (left-and-right) collision-resistant PRGs.
Document type: Journal article
IACR Transactions on Symmetric Cryptology, Ruhr Universität Bochum, 2017, 〈10.13154/tosc.v2017.i1.449-473〉
Cited literature: 22 references

https://hal-ens.archives-ouvertes.fr/hal-01470885
Contributor: Pooya Farshim
Submitted on: Friday 17 February 2017 - 20:07:54
Last modified on: Thursday 11 January 2018 - 06:28:02
Long-term archiving on: Thursday 18 May 2017 - 15:23:12

File

main.pdf
Files produced by the author(s)

Citation

Pooya Farshim, Claudio Orlandi, Răzvan Roşie. Security of Symmetric Primitives under Incorrect Usage of Keys. IACR Transactions on Symmetric Cryptology, Ruhr Universität Bochum, 2017, 〈10.13154/tosc.v2017.i1.449-473〉. 〈hal-01470885〉

Metrics

Record views: 121

File downloads: 111