How to generate cryptographically strong sequences of pseudo-random bits
SIAM Journal on Computing
How to construct random functions
Journal of the ACM (JACM)
An identity-based key-exchange protocol
EUROCRYPT '89 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Authentication and authenticated key exchanges
Designs, Codes and Cryptography
Stateless Evaluation of Pseudorandom Functions: Security beyond the Birthday Barrier
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
A Forward-Secure Digital Signature Scheme
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Differential Cryptanalysis of the Full 16-Round DES
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
The First Experimental Cryptanalysis of the Data Encryption Standard
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
The Security of Cipher Block Chaining
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Keying Hash Functions for Message Authentication
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A Concrete Security Treatment of Symmetric Encryption
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Theory and application of trapdoor functions
SFCS '82 Proceedings of the 23rd Annual Symposium on Foundations of Computer Science
Secure Key-Evolving Protocols for Discrete Logarithm Schemes
CT-RSA '02 Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology
A Practice-Oriented Treatment of Pseudorandom Number Generators
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
On side-channel resistant block cipher usage
ISC'10 Proceedings of the 13th international conference on Information security
Privacy Analysis of Forward and Backward Untraceable RFID Authentication Schemes
Wireless Personal Communications: An International Journal
Secure key-updating for lazy revocation
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Multihop-Based key management in hierarchical wireless sensor network
GPC'12 Proceedings of the 7th international conference on Advances in Grid and Pervasive Computing
Lightweight secure communication protocols for in-vehicle sensor networks
Proceedings of the 2013 ACM workshop on Security, privacy & dependability for cyber vehicles
Leakage-Resilient symmetric encryption via re-keying
CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems
KEDGEN2: A key establishment and derivation protocol for EPC Gen2 RFID systems
Journal of Network and Computer Applications
| Hi-index | 0.00 |
Rather than use a shared key directly to cryptographically process (e.g. encrypt or authenticate) data one can use it as a master key to derive subkeys, and use the subkeys for the actual cryptographic processing. This popular paradigm is called re-keying, and the expectation is that it is good for security. In this paper we provide concrete security analyses of various re-keying mechanisms and their usage. We show that re-keying does indeed "increase" security, effectively extending the lifetime of the master key and bringing significant, provable security gains in practical situations. We quantify the security provided by different rekeying processes as a function of the security of the primitives they use, thereby enabling a user to choose between different re-keying processes given the constraints of some application.