Security analysis of the ISO standard $$\textsf{OFB}$$ - $$\textsf{DRBG}$$

IF 1.4 2区数学 Q3 COMPUTER SCIENCE, THEORY & METHODS Designs, Codes and Cryptography Pub Date : 2024-06-27 DOI:10.1007/s10623-024-01449-z

Woohyuk Chung, Hwigyeom Kim, Jooyoung Lee, Yeongmin Lee

{"title":"Security analysis of the ISO standard $$\\textsf{OFB}$$ - $$\\textsf{DRBG}$$","authors":"Woohyuk Chung, Hwigyeom Kim, Jooyoung Lee, Yeongmin Lee","doi":"10.1007/s10623-024-01449-z","DOIUrl":null,"url":null,"abstract":"Deterministic random bit generators (DRBGs) are essential tools in modern cryptography for generating secure and unpredictable random numbers. The ISO DRBG standards provide guidelines for designing and implementing DRBGs, including four algorithms: \$\\textsf{HASH}\\text {-}\\textsf{DRBG}\$, \$\\textsf{HMAC}\\text {-}\\textsf{DRBG}\$, \$\\textsf{CTR}\\text {-}\\textsf{DRBG}\$, and \$\\textsf{OFB}\\text {-}\\textsf{DRBG}\$. While security analyses have been conducted for the former three algorithms, there is a lack of specific security analysis for the \$\\textsf{OFB}\$-\$\\textsf{DRBG}\$ algorithm. We prove its security in the robustness security framework that has been used to analyze \$\\mathsf {CTR\\text {-}DRBG}\$ by Hoang and Shen at Crypto 2020. More precisely, we prove that \$\\textsf{OFB}\$-\$\\textsf{DRBG}\$ provides \$O(\\min \\left\\{ \\frac{\\lambda }{3}, \\frac{n}{2} \\right\\} )\$-bit security, including ideal cipher queries, where \$\\lambda \$ and n denote the lower bound of min-entropy and the size of the underlying block cipher, respectively. The proof strategy is to transform the robustness game of \$\\textsf{OFB}\$-\$\\textsf{DRBG}\$ into an indistinguishability game and then apply the H-coefficient technique to upper bound the distinguishing advantage.","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":"48 1","pages":""},"PeriodicalIF":1.4000,"publicationDate":"2024-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Designs, Codes and Cryptography","FirstCategoryId":"100","ListUrlMain":"https://doi.org/10.1007/s10623-024-01449-z","RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}

引用次数: 0

Abstract

Deterministic random bit generators (DRBGs) are essential tools in modern cryptography for generating secure and unpredictable random numbers. The ISO DRBG standards provide guidelines for designing and implementing DRBGs, including four algorithms: $\textsf{HASH}\text {-}\textsf{DRBG}$, $\textsf{HMAC}\text {-}\textsf{DRBG}$, $\textsf{CTR}\text {-}\textsf{DRBG}$, and $\textsf{OFB}\text {-}\textsf{DRBG}$. While security analyses have been conducted for the former three algorithms, there is a lack of specific security analysis for the $\textsf{OFB}$-$\textsf{DRBG}$ algorithm. We prove its security in the robustness security framework that has been used to analyze $\mathsf {CTR\text {-}DRBG}$ by Hoang and Shen at Crypto 2020. More precisely, we prove that $\textsf{OFB}$-$\textsf{DRBG}$ provides $O(\min \left\{ \frac{\lambda }{3}, \frac{n}{2} \right\} )$-bit security, including ideal cipher queries, where $\lambda $ and n denote the lower bound of min-entropy and the size of the underlying block cipher, respectively. The proof strategy is to transform the robustness game of $\textsf{OFB}$-$\textsf{DRBG}$ into an indistinguishability game and then apply the H-coefficient technique to upper bound the distinguishing advantage.

Abstract Image

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

ISO 标准 $$textsf{OFB}$ - $$textsf{DRBG}$ 的安全分析

确定性随机比特生成器（DRBG）是现代密码学中生成安全和不可预测随机数的重要工具。ISO DRBG 标准提供了设计和实施 DRBG 的指南，包括四种算法：$\textsf{HASH}\text {-}textsf\{DRBG}$,$\textsf{HMAC}\text {-}textsf\{DRBG}$,$\textsf{CTR}\text {-}textsf\{DRBG}$, and$\textsf{OFB}\text {-}textsf\{DRBG}$.虽然已经对前三种算法进行了安全分析，但还缺乏对（\textsf{OFB}\）-（\textsf{DRBG}\）算法的具体安全分析。我们在鲁棒性安全框架中证明了它的安全性，该框架已被Hoang和Shen在Crypto 2020会议上用于分析$\mathsf {CTR\text {-}DRBG}$ 算法。更准确地说，我们证明了（textsf{OFB}\）-（textsf{DRBG}\）提供了（O(min \left\{ \frac{lambda }{3}, \frac{n}{2} \right\} ）比特安全性，包括理想密码查询，其中（$\lambda \）和n分别表示最小熵的下限和底层块密码的大小。证明策略是将\(\textsf{OFB}$-$\textsf{DRBG}$的鲁棒性博弈转化为不可区分性博弈，然后应用H系数技术对区分优势进行上界。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Designs, Codes and Cryptography 工程技术-计算机：理论方法

CiteScore

2.80

自引率

12.50%

发文量

157

审稿时长

16.5 months

期刊介绍： Designs, Codes and Cryptography is an archival peer-reviewed technical journal publishing original research papers in the designated areas. There is a great deal of activity in design theory, coding theory and cryptography, including a substantial amount of research which brings together more than one of the subjects. While many journals exist for each of the individual areas, few encourage the interaction of the disciplines. The journal was founded to meet the needs of mathematicians, engineers and computer scientists working in these areas, whose interests extend beyond the bounds of any one of the individual disciplines. The journal provides a forum for high quality research in its three areas, with papers touching more than one of the areas especially welcome. The journal also considers high quality submissions in the closely related areas of finite fields and finite geometries, which provide important tools for both the construction and the actual application of designs, codes and cryptographic systems. In particular, it includes (mostly theoretical) papers on computational aspects of finite fields. It also considers topics in sequence design, which frequently admit equivalent formulations in the journal’s main areas. Designs, Codes and Cryptography is mathematically oriented, emphasizing the algebraic and geometric aspects of the areas it covers. The journal considers high quality papers of both a theoretical and a practical nature, provided they contain a substantial amount of mathematics.