{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,11]],"date-time":"2025-09-11T21:05:45Z","timestamp":1757624745529,"version":"3.44.0"},"publisher-location":"Cham","reference-count":46,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783032019004"},{"type":"electronic","value":"9783032019011"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-032-01901-1_12","type":"book-chapter","created":{"date-parts":[[2025,8,16]],"date-time":"2025-08-16T08:44:58Z","timestamp":1755333898000},"page":"371-403","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Cryptographic Treatment of Key Control Security"],"prefix":"10.1007","author":[{"given":"Ritam","family":"Bhaumik","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Avijit","family":"Dutta","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Akiko","family":"Inoue","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tetsu","family":"Iwata","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ashwin","family":"Jha","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kazuhiko","family":"Minematsu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mridul","family":"Nandi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yu","family":"Sasaki","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Meltem S\u00f6nmez","family":"Turan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Stefano","family":"Tessaro","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,8,17]]},"reference":[{"key":"12_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"134","DOI":"10.1007\/978-3-540-30144-8_12","volume-title":"Information Security","author":"C Adams","year":"2004","unstructured":"Adams, C., Kramer, G., Mister, S., Zuccherato, R.: On the security of key derivation functions. In: Zhang, K., Zheng, Y. (eds.) ISC 2004. LNCS, vol. 3225, pp. 134\u2013145. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-30144-8_12"},{"key":"12_CR2","unstructured":"ARM Trustzone CryptoCell-712. https:\/\/developer.arm.com\/documentation\/102897\/latest\/"},{"key":"12_CR3","unstructured":"Subkey derivation and authenticated encryption in ASP.NET Core. https:\/\/learn.microsoft.com\/en-us\/aspnet\/core\/security\/data-protection\/implementation\/subkeyderivation?view=aspnetcore-8.0"},{"key":"12_CR4","doi-asserted-by":"publisher","unstructured":"Barker, E., Chen, L., Roginsky, A., Vassilev, A., Davis, R., Simon, S.: Recommendation for Pair-Wise Key-Establishment Using Integer Factorization Cryptography. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-56B, Rvision 2 (2019). https:\/\/doi.org\/10.6028\/NIST.SP.800-56Br2","DOI":"10.6028\/NIST.SP.800-56Br2"},{"key":"12_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1007\/978-3-540-78967-3_11","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2008","author":"G Bertoni","year":"2008","unstructured":"Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: On the indifferentiability of the sponge construction. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 181\u2013197. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-78967-3_11"},{"key":"12_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"313","DOI":"10.1007\/978-3-642-38348-9_19","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2013","author":"G Bertoni","year":"2013","unstructured":"Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Keccak. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 313\u2013314. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38348-9_19"},{"key":"12_CR7","unstructured":"Bhaumik, R., et al.: Cryptographic Treatment of Key Control Security \u2013 In Light of NIST SP 800-108. IACR Cryptol. ePrint Arch. 2025\/1123 (2025)"},{"key":"12_CR8","doi-asserted-by":"publisher","unstructured":"Biryukov, A., Dinu, D., Khovratovich, D., Josefsson, S.: Argon2 Memory-Hard Function for Password Hashing and Proof-of-Work Applications. RFC 9106 (2021). https:\/\/doi.org\/10.17487\/RFC9106, https:\/\/www.rfc-editor.org\/info\/rfc9106","DOI":"10.17487\/RFC9106"},{"key":"12_CR9","doi-asserted-by":"publisher","unstructured":"Blum, M.: Coin flipping by telephone a protocol for solving impossible problems. SIGACT News 15(1), 23\u201327 (1983). https:\/\/doi.org\/10.1145\/1008908.1008911","DOI":"10.1145\/1008908.1008911"},{"key":"12_CR10","doi-asserted-by":"publisher","unstructured":"Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology, revisited (preliminary version). In: Vitter, J.S. (ed.) ACM Symposium on the Theory of Computing, 1998, pp. 209\u2013218. ACM (1998). https:\/\/doi.org\/10.1145\/276698.276741","DOI":"10.1145\/276698.276741"},{"key":"12_CR11","unstructured":"Cryptographic Algorithm Validation Program. https:\/\/csrc.nist.gov\/projects\/cryptographic-algorithm-validation-program"},{"key":"12_CR12","unstructured":"Huawei Mobile Devices with EMUI 11.0 Security Target. https:\/\/www.ocsi.gov.it\/documenti\/certificazioni\/huawei\/st_huawei_p40_emui11_v1.11.pdf"},{"key":"12_CR13","doi-asserted-by":"publisher","unstructured":"Chen, L.: Recommendation for Key Derivation Using Pseudorandom Functions. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-108 Rev.\u00a01 (2022). https:\/\/doi.org\/10.6028\/NIST.SP.800-108r1","DOI":"10.6028\/NIST.SP.800-108r1"},{"key":"12_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"205","DOI":"10.1007\/978-3-030-26948-7_8","volume-title":"Advances in Cryptology \u2013 CRYPTO 2019","author":"S Coretti","year":"2019","unstructured":"Coretti, S., Dodis, Y., Karthikeyan, H., Tessaro, S.: Seedless fruit is the sweetest: random number generation, revisited. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019, Part I. LNCS, vol. 11692, pp. 205\u2013234. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-26948-7_8"},{"key":"12_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"430","DOI":"10.1007\/11535218_26","volume-title":"Advances in Cryptology \u2013 CRYPTO 2005","author":"J-S Coron","year":"2005","unstructured":"Coron, J.-S., Dodis, Y., Malinaud, C., Puniya, P.: Merkle-Damg\u00e5rd revisited: how to construct a hash function. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 430\u2013448. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11535218_26"},{"key":"12_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"523","DOI":"10.1007\/978-3-540-24676-3_31","volume-title":"Advances in Cryptology - EUROCRYPT 2004","author":"Y Dodis","year":"2004","unstructured":"Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 523\u2013540. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-24676-3_31"},{"key":"12_CR17","doi-asserted-by":"publisher","unstructured":"Dworkin, M.: Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-38B (2005). https:\/\/doi.org\/10.6028\/NIST.SP.800-38B-2005","DOI":"10.6028\/NIST.SP.800-38B-2005"},{"key":"12_CR18","doi-asserted-by":"crossref","unstructured":"Dworkin, M.: Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-38E (2010)","DOI":"10.6028\/NIST.SP.800-38e"},{"issue":"3","key":"12_CR19","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1007\/s001459900025","volume":"10","author":"S Even","year":"1997","unstructured":"Even, S., Mansour, Y.: A construction of a cipher from a single pseudorandom permutation. J. Cryptol. 10(3), 151\u2013162 (1997)","journal-title":"J. Cryptol."},{"key":"12_CR20","unstructured":"Secure Channel Protocol 03 Card Specification v 2.2. https:\/\/globalplatform.org\/wp-content\/uploads\/2019\/03\/GPC_2.2_D_SCP03_v1.0.pdf"},{"key":"12_CR21","unstructured":"Thales Luna Cloud HSM SDK Reference guide. https:\/\/thalesdocs.com\/dpod\/services\/luna_cloud_hsm\/extern\/client_guides\/Content\/sdk\/extensions\/counter_mode_kdf_mechanisms.htm"},{"key":"12_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"387","DOI":"10.1007\/978-3-662-49384-7_15","volume-title":"Public-Key Cryptography \u2013 PKC 2016","author":"A H\u00fclsing","year":"2016","unstructured":"H\u00fclsing, A., Rijneveld, J., Song, F.: Mitigating multi-target attacks in hash-based signatures. In: Cheng, C.-M., Chung, K.-M., Persiano, G., Yang, B.-Y. (eds.) PKC 2016, Part I. LNCS, vol. 9614, pp. 387\u2013416. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49384-7_15"},{"key":"12_CR23","unstructured":"Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices. Standard, IEEE Security in Storage Working Group"},{"key":"12_CR24","unstructured":"ISO\/IEC 19772:2020 Authenticated encryption. Standard, International Standard Organization"},{"key":"12_CR25","unstructured":"Jetson Linux API Reference Documentation. https:\/\/docs.nvidia.com\/jetson\/l4t-multimedia\/index.html"},{"key":"12_CR26","doi-asserted-by":"publisher","unstructured":"Kaliski, B.: PKCS #5: Password-Based Cryptography Specification Version 2.0. RFC 2898 (2000). https:\/\/doi.org\/10.17487\/RFC2898, https:\/\/www.rfc-editor.org\/info\/rfc2898","DOI":"10.17487\/RFC2898"},{"key":"12_CR27","doi-asserted-by":"publisher","unstructured":"Kelsey, J., jen Chang, S., Perlner, R.: SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash, and ParallelHash. (National Institute of Standards and Technology, Gaithersburg, MD), NIST Special Publication (SP) 800-185 (2016). https:\/\/doi.org\/10.6028\/NIST.SP.800-185","DOI":"10.6028\/NIST.SP.800-185"},{"key":"12_CR28","doi-asserted-by":"crossref","unstructured":"Kodwani, G., Arora, S., Atrey, P.K.: On security of key derivation functions in password-based cryptography. In: CSR 2021, pp. 109\u2013114. IEEE (2021)","DOI":"10.1109\/CSR51186.2021.9527961"},{"key":"12_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"631","DOI":"10.1007\/978-3-642-14623-7_34","volume-title":"Advances in Cryptology \u2013 CRYPTO 2010","author":"H Krawczyk","year":"2010","unstructured":"Krawczyk, H.: Cryptographic extraction and key derivation: the HKDF scheme. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 631\u2013648. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-14623-7_34"},{"key":"12_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1007\/978-3-540-24638-1_2","volume-title":"Theory of Cryptography","author":"U Maurer","year":"2004","unstructured":"Maurer, U., Renner, R., Holenstein, C.: Indifferentiability, impossibility results on reductions, and applications to the random oracle methodology. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 21\u201339. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-24638-1_2"},{"key":"12_CR31","unstructured":"Nair, V., Song, D.: Multi-factor key derivation function (MFKDF) for fast, flexible, secure, & practical key management. In: USENIX Security Symposium, pp. 2097\u20132114. USENIX Association (2023)"},{"key":"12_CR32","doi-asserted-by":"publisher","unstructured":"National Institute of Standards and Technology: The Keyed-Hash Message Authentication Code (HMAC). Federal Information Processing Standards (FIPS) Publication 198-1 (2008). https:\/\/doi.org\/10.6028\/NIST.FIPS.198-1","DOI":"10.6028\/NIST.FIPS.198-1"},{"key":"12_CR33","doi-asserted-by":"publisher","unstructured":"National Institute of Standards and Technology: SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions. Federal Information Processing Standards (FIPS) Publication 202 (2015). https:\/\/doi.org\/10.6028\/NIST.FIPS.202","DOI":"10.6028\/NIST.FIPS.202"},{"key":"12_CR34","unstructured":"National Institute of Standards and Technology: Public Comments and Resolutions on Draft NIST SP 800-108 Revision 1, Recommendation for Key Derivation Using Pseudorandom Functions (2022). https:\/\/csrc.nist.gov\/pubs\/sp\/800\/108\/r1\/upd1\/final"},{"key":"12_CR35","unstructured":"Huawei Mobile Devices with EMUI 11.0 Security Target. https:\/\/www.commoncriteriaportal.org\/files\/epfiles\/1136a_pdf.pdf"},{"key":"12_CR36","unstructured":"Oracle Linux 8 NSS Cryptographic Module. https:\/\/www.oracle.com\/a\/ocom\/docs\/corporate\/140sp4226.pdf"},{"key":"12_CR37","first-page":"1","volume":"7914","author":"C Percival","year":"2016","unstructured":"Percival, C., Josefsson, S.: The scrypt password-based key derivation function. RFC 7914, 1\u201316 (2016)","journal-title":"RFC"},{"key":"12_CR38","doi-asserted-by":"crossref","unstructured":"Rescorla, E., Lebovitz, G.M.: Cryptographic Algorithms for the TCP Authentication Option (TCP-AO). RFC 5926 (2010)","DOI":"10.17487\/rfc5926"},{"key":"12_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"487","DOI":"10.1007\/978-3-642-20465-4_27","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2011","author":"T Ristenpart","year":"2011","unstructured":"Ristenpart, T., Shacham, H., Shrimpton, T.: Careful with composition: limitations of the indifferentiability framework. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 487\u2013506. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-20465-4_27"},{"key":"12_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"371","DOI":"10.1007\/978-3-540-25937-4_24","volume-title":"Fast Software Encryption","author":"P Rogaway","year":"2004","unstructured":"Rogaway, P., Shrimpton, T.: Cryptographic hash-function basics: definitions, implications, and separations for preimage resistance, second-preimage resistance, and collision resistance. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 371\u2013388. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-25937-4_24"},{"key":"12_CR41","doi-asserted-by":"crossref","unstructured":"Seo, M., Park, J.H., Kim, Y., Cho, S., Lee, D.H., Hwang, J.Y.: Construction of a new biometric-based key derivation function and its application. Secur. Commun. Networks 2018, 6107912:1\u20136107912:14 (2018)","DOI":"10.1155\/2018\/6107912"},{"key":"12_CR42","doi-asserted-by":"crossref","unstructured":"Shen, Y., Wang, L., Gu, D.: Security analysis of NIST key derivation using pseudorandom functions. IACR Cryptol. ePrint Arch. 2025\/815 (2025)","DOI":"10.6028\/NIST.SP.800-108r1-upd1"},{"key":"12_CR43","unstructured":"Google Pixel Phones on Android 12.0 Security Target. https:\/\/www.commoncriteriaportal.org\/files\/epfiles\/st_vid11239-st.pdf"},{"key":"12_CR44","doi-asserted-by":"crossref","unstructured":"Touch, J.D., Bonica, R., Mankin, A.J.: The TCP Authentication Option. RFC 5925 (2010)","DOI":"10.17487\/rfc5925"},{"key":"12_CR45","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"199","DOI":"10.1007\/978-3-642-29101-2_14","volume-title":"Information Security Practice and Experience","author":"CC Wen","year":"2012","unstructured":"Wen, C.C., Dawson, E., Gonz\u00e1lez Nieto, J.M., Simpson, L.: A framework for security analysis of key derivation functions. In: Ryan, M.D., Smyth, B., Wang, G. (eds.) ISPEC 2012. LNCS, vol. 7232, pp. 199\u2013216. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29101-2_14"},{"key":"12_CR46","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"125","DOI":"10.1007\/978-3-642-39218-4_10","volume-title":"Security and Privacy Protection in Information Processing Systems","author":"CW Chuah","year":"2013","unstructured":"Chuah, C.W., Dawson, E., Simpson, L.: Key derivation function: the SCKDF scheme. In: Janczewski, L.J., Wolfe, H.B., Shenoi, S. (eds.) SEC 2013. IAICT, vol. 405, pp. 125\u2013138. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-39218-4_10"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 CRYPTO 2025"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-01901-1_12","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,9]],"date-time":"2025-09-09T14:57:24Z","timestamp":1757429844000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-01901-1_12"}},"subtitle":["In Light of NIST SP 800-108"],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783032019004","9783032019011"],"references-count":46,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-01901-1_12","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"17 August 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CRYPTO","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Cryptology Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Santa Barbara, CA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17 August 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21 August 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"45","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"crypto2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/crypto.iacr.org\/2025\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}