Adaptive chosen all inputs model for analyzing key derivation functions against bit-flip and timing side-channel attacks

Koh, Wen Wen (2019) Adaptive chosen all inputs model for analyzing key derivation functions against bit-flip and timing side-channel attacks. Masters thesis, Universiti Tun Hussein Onn Malaysia.

[img]
Preview
Text
24p KOH WEN WEN.pdf

Download (2MB) | Preview
[img] Text (Copyright Declaration)
KOH WEN WEN COPYRIGHT DECLARATION.pdf
Restricted to Repository staff only

Download (2MB) | Request a copy
[img] Text (Full Text)
KOH WEN WEN WATERMARK.pdf
Restricted to Registered users only

Download (3MB) | Request a copy

Abstract

Cryptographic keys are vital to ensure secure communication and secure electronic transaction. Key Derivation Function (KDF) is used to generate these cryptographic keys from a private string, salt and context information. A salt is a random string while the context information is the application specific data such as identities of communicating parties. Due to the importance of the KDF, it is mandatory to ensure the design of KDF may withstand any types of attacks. Nowadays, there are five security models used to analyze the security of KDF proposals. However, none of these security models take into account the KDF analysis against the bit-flipping attack and timing side-channel attack. Therefore, this research proposes a new security model, namely Adaptive Chosen All Inputs Model (ACAM) for analyzing the security of KDF proposals against these attacks. This research proves the implication relationship and non-implication relationship between the ACAM and the existing security model, namely Adaptive Chosen Public Inputs Model with Multiple Salts (CPM). The ACAM analyzes the security of KDF proposals in terms of the bit-flipping attack and timing side-channel attack. The result showed that only the stream cipher based KDF is vulnerable to the bit-flipping attack. However, all the existing KDFs are vulnerable to the timing side-channel attack. Finally, this research conducts the practical timing side-channel attack on KDFs that are constructed using hash functions, stream ciphers, and block ciphers. Different constructions of KDFs have resulted in different timing variation. The timing variation can reveal the length of private string and the types of cryptographic primitives used to build the KDFs. Hence, this research proposes a randomness timing solution based on the concept of random ‘for’ loop to the KDFs. The randomness timing solution protects the security of KDFs but decreases the performance of KDFs. This research brings benefits to the security researchers in which ACAM security model can be used as the benchmark to determine whether the design of KDFs consists of security weakness in terms of bit-flipping attack and timing side-channel attack. vi

Item Type: Thesis (Masters)
Subjects: Q Science > QA Mathematics > QA299.6-433 Analysis
Divisions: Faculty of Computer Science and Information Technology > Department of Information Security
Depositing User: Mrs. Sabarina Che Mat
Date Deposited: 05 Aug 2021 03:11
Last Modified: 05 Aug 2021 03:11
URI: http://eprints.uthm.edu.my/id/eprint/539

Actions (login required)

View Item View Item