Abstract
HMAC_DRBG is a deterministic random bit generator based on HMAC and specified in NIST SP 800-90. The specification claims that HMAC_DRBG is a pseudorandom bit generator if HMAC is a pseudorandom function, but it gives no proof. This article provides a security analysis of HMAC_DRBG and confirms the claim.
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hirose, S. (2009). Security Analysis of DRBG Using HMAC in NIST SP 800-90. In: Chung, KI., Sohn, K., Yung, M. (eds) Information Security Applications. WISA 2008. Lecture Notes in Computer Science, vol 5379. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00306-6_21
DOI: https://doi.org/10.1007/978-3-642-00306-6_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-00305-9
Online ISBN: 978-3-642-00306-6
eBook Packages: Computer Science (R0)