Abstract
Password-based key derivation functions (PBKDFs) are commonly used to transform user passwords into keys for symmetric encryption, as well as for user authentication, password hashing, and preventing attacks based on custom hardware. We propose two optimized alternatives that enhance the performance of a previously published PBKDF. This design is based on (1) employing a symmetric cipher, the Advanced Encryption Standard (AES), as a pseudo-random generator and (2) taking advantage of the support for the hardware acceleration for AES that is available on many common platforms in order to mitigate common attacks to password-based user authentication systems. We also analyze their security characteristics, establishing that they are equivalent to the security of the core primitive (AES), and we compare their performance with well-known PBKDF algorithms, such as Scrypt and Argon2, with favorable results.
Highlights
Key derivation functions are employed to obtain one or more keys from a master secret. This is especially useful in the case of user passwords, which can be of arbitrary length and are unsuitable to be used directly as fixed-size cipher keys, so, there must be a process for converting passwords into secret keys. This process is performed by password-based key derivation functions (PBKDFs)
PBKDFs are called password hashing functions, and they are commonly employed in user authentication since they have certain advantages over other password processing methods: they are capable of accepting a salt, preventing precalculated table attacks; they are one-way functions, so the hashed password database cannot be reversed if it is stolen; and they can usually be parameterized in terms of temporal and memory cost to prevent attacks based on massively parallel hardware, like general-purpose graphical processing units (GPGPU)
We optimized a previously published password-based key derivation function that employs the Advanced Encryption Standard (AES) in counter mode as a core primitive, proposing two new algorithms based on the original design: a more conservative optimization and a fully optimized one
Summary
Key derivation functions are employed to obtain one or more keys from a master secret This is especially useful in the case of user passwords, which can be of arbitrary length and are unsuitable to be used directly as fixed-size cipher keys, so, there must be a process for converting passwords into secret keys. This process is performed by password-based key derivation functions (PBKDFs). Besides password hashing and key derivation, PBKDFs have found applications in the field of cryptocurrencies and blockchain algorithms, where they are used as proof-of-work functions for such designs (see [12])
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
