Efficient Construction of Infinite Length Hash Chains with Perfect Forward Secrecy Using Two Independent Hash Functions

Sebastian Bittl

2014

Abstract

One-way hash chains have been used to secure many applications over the last three decades. To overcome the fixed length limitation of first-generation designs, so-called infinite length hash chains have been introduced. Such designs typically employ methods of asynchronous cryptography or hash-based message authentication codes. However, none of the proposed schemes offers perfect forward secrecy, that is, keeping former outputs secret once the system has been compromised. A novel algorithm for constructing infinite length hash chains with built-in support for perfect forward secrecy is presented in this work. The scheme differs significantly from existing proposals by using a combination of two different hash functions. It avoids the computational complexity of public-key algorithms, utilises well-studied standard hash functions and keeps the benefits of a hash chain without a length constraint.



Paper Citation


in Harvard Style

Bittl S. (2014). Efficient Construction of Infinite Length Hash Chains with Perfect Forward Secrecy Using Two Independent Hash Functions. In Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014) ISBN 978-989-758-045-1, pages 213-220. DOI: 10.5220/0005020502130220


in Bibtex Style

@conference{secrypt14,
author={Sebastian Bittl},
title={Efficient Construction of Infinite Length Hash Chains with Perfect Forward Secrecy Using Two Independent Hash Functions},
booktitle={Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)},
year={2014},
pages={213-220},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005020502130220},
isbn={978-989-758-045-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)
TI - Efficient Construction of Infinite Length Hash Chains with Perfect Forward Secrecy Using Two Independent Hash Functions
SN - 978-989-758-045-1
AU - Bittl S.
PY - 2014
SP - 213
EP - 220
DO - 10.5220/0005020502130220