Advertisement

Selecting a New Key Derivation Function for Disk Encryption

  • Milan Brož
  • Vashek Matyáš
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9331)

Abstract

Many full disk encryption applications rely on a strong password-based key derivation function to process a passphrase. This article defines requirements for key derivation functions and analyzes recently presented password hashing functions (second round finalists of the Password Hashing Competition) for their suitability for disk encryption.

Keywords

Disk encryption Key derivation Password hashing 

References

  1. 1.
    Password hashing competition (2014). https://password-hashing.net/
  2. 2.
    Aumasson, J.-P., Neves, S., Wilcox-O’Hearn, Z., Winnerlein, C.: BLAKE2: simpler, smaller, fast as MD5. In: Jacobson, M., Locasto, M., Mohassel, P., Safavi-Naini, R. (eds.) ACNS 2013. LNCS, vol. 7954, pp. 119–135. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  3. 3.
    Bertoni, G., Daemen, J., Peeters, M., Assche, G.V.: Sponge functions. Ecrypt Hash Workshop 2007, May 2007Google Scholar
  4. 4.
    Biryukov, A., Khovratovich, D.: Argon and argon2, January 2015. https://password-hashing.net/submissions/specs/Argon-v2.pdf
  5. 5.
    Biryukov, A., Khovratovich, D.: Tradeoff cryptanalysis of memory-hard functions. Cryptology ePrint Archive, Report 2015/227 (2015). http://eprint.iacr.org/
  6. 6.
    Broz, M.: Password Hashing Competition second round candidates - tests Report Technical Report, April 2015. https://github.com/mbroz/PHCtest/raw/master/output/phc_round2.pdf
  7. 7.
    Cox, B.: Added multi-threading support to test suite. PHC mailing list archive, April 2015. http://article.gmane.org/gmane.comp.security.phc/2915
  8. 8.
    Dürmuth, M., Güneysu, T., Kasper, M., Paar, C., Yalcin, T., Zimmermann, R.: Evaluation of standardized password-based key derivation against parallel processing platforms. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 716–733. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  9. 9.
    Forler, C., List, E., Lucks, S., Wenzel, J.: Overview of the candidates for the password hashing competition - and their resistance against garbage-collector attacks. Cryptology ePrint Archive, Report 2014/881 (2014). http://eprint.iacr.org/
  10. 10.
    Forler, C., Lucks, S., Wenzel, J.: The Catena Password-Scrambling Framework, January 2015. https://password-hashing.net/submissions/specs/Catena-v3.pdf
  11. 11.
    Fruhwirth, C.: New methods in hard disk encryption. Ph.D. thesis, Institute for Computer Languages Theory and Logic Group Vienna University of Technology (2005). http://clemens.endorphin.org/publications
  12. 12.
    Gosney, J.M.: The pufferfish password hashing scheme, March 2014. https://password-hashing.net/submissions/specs/Pufferfish-v0.pdf
  13. 13.
    Hatzivasilis, G., Papaefstathiou, I., Manifavas, C.: Password hashing competition - survey and benchmark. Cryptology ePrint Archive, Report 2015/265 (2015). http://eprint.iacr.org/
  14. 14.
    Kaliski, B.: PKCS #5: Password-Based Cryptography Specification Version 2.0. RFC 2898 (Informational), September 2000. http://www.ietf.org/rfc/rfc2898.txt
  15. 15.
    Percival, C.: Stronger key derivation via sequential memory-hard functions, May 2009. http://www.tarsnap.com/scrypt/scrypt.pdf
  16. 16.
    Peslyak, A.: yescrypt - a password hashing competition submission, January 2015. https://password-hashing.net/submissions/specs/yescrypt-v1.pdf
  17. 17.
    Pornin, T.: The MAKWA Password Hashing Function, March 2014. https://password-hashing.net/submissions/specs/Makwa-v0.pdf
  18. 18.
    Simplicio, M.A., Almeida, L.C., Andrade, E.R., Barreto, P.S.L.M.: The Lyra2 reference guide, January 2015. https://password-hashing.net/submissions/specs/Lyra2-v3.pdf
  19. 19.
    Thomas, S.: battcrypt (Blowfish All The Things), March 2014. https://password-hashing.net/submissions/specs/battcrypt-v0.pdf
  20. 20.
  21. 21.
    Turan, M.S., Barker, E.B., Burr, W.E., Chen, L.: SP 800–132. Recommendation for Password-Based Key Derivation: Part 1: Storage Applications. Technical Report, National Institute of Standards and Technology, Gaithersburg, MD, United States (2010)Google Scholar
  22. 22.
    Wu, H.: POMELO: A Password Hashing Algorithm, January 2015. https://password-hashing.net/submissions/specs/POMELO-v2.pdf

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. 1.Faculty of InformaticsMasaryk UniversityBrnoCzech Republic

Personalised recommendations