Next Article in Journal
Review of Substrate Integrated Waveguide Circuits for Beam-Forming Networks Working in X-Band
Next Article in Special Issue
Special Issue on “Side Channel Attacks”
Previous Article in Journal
Minimum-Time Attitude Maneuver and Robust Attitude Control of Small Satellite Mounted with Data Relay Communication Antenna
Previous Article in Special Issue
Chaos-Based Physical Unclonable Functions
Open AccessArticle

Re-Keying Scheme Revisited: Security Model and Instantiations

Toshiba Corporation, Kawasaki 212-8582, Japan
Faculty of Engineering, University of Fukui, Fukui 910-8507, Japan
Author to whom correspondence should be addressed.
Appl. Sci. 2019, 9(5), 1002;
Received: 31 January 2019 / Revised: 4 March 2019 / Accepted: 4 March 2019 / Published: 11 March 2019
(This article belongs to the Special Issue Side Channel Attacks)
The re-keying scheme is a variant of the symmetric encryption scheme where a sender (respectively, receiver) encrypts (respectively, decrypts) plaintext with a temporal session key derived from a master secret key and publicly-shared randomness. It is one of the system-level countermeasures against the side channel attacks (SCAs), which make attackers unable to collect enough power consumption traces for their analyses by updating the randomness (i.e., session key) frequently. In 2015, Dobraunig et al. proposed two kinds of re-keying schemes. The first one is a scheme without the beyond birthday security, which fixes the security vulnerability of the previous re-keying scheme of Medwed et al. Their second scheme is an abstract scheme with the beyond birthday security, which, as a black-box, consists of two functions; a re-keying function to generate a session key and a tweakable block cipher to encrypt plaintext. They assumed that the tweakable block cipher was ideal (namely, secure against the related key, chosen plaintext, and chosen ciphertext attacks) and proved the security of their scheme as a secure tweakable block cipher. In this paper, we revisit the re-keying scheme. The previous works did not discuss security in considering the SCA well. They just considered that the re-keying scheme was SCA resistant when the temporal session key was always refreshed with randomness. In this paper, we point out that such a discussion is insufficient by showing a concrete attack. We then introduce the definition of an SCA-resistant re-keying scheme, which captures the security against such an attack. We also give concrete schemes and discuss their security and applications. View Full-Text
Keywords: side channel attack; re-keying; tweakable block cipher; provable security side channel attack; re-keying; tweakable block cipher; provable security
Show Figures

Figure 1

MDPI and ACS Style

Komano, Y.; Hirose, S. Re-Keying Scheme Revisited: Security Model and Instantiations. Appl. Sci. 2019, 9, 1002.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

Search more from Scilit
Back to TopTop