University of Hertfordshire

By the same authors

Gearing up: How to eat your cryptocake and still have it

Research output: Chapter in Book/Report/Conference proceedingOther chapter contribution


  • 906085

    Accepted author manuscript, 164 KB, PDF document

View graph of relations
Original languageEnglish
Title of host publicationLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Number of pages2
Publication statusPublished - 1 Jan 2011
Event19th International Security Protocols Workshop - Cambridge, United Kingdom
Duration: 28 Mar 201130 Mar 2011


Conference19th International Security Protocols Workshop
Country/TerritoryUnited Kingdom


Often Alice and Bob share a fixed quantity of master key and subsequently need to agree a larger amount of session key material. At present, they are inclined to be cautious about generating too much session key material from a single master key. We argue that this caution arises from their familiarity with keys consisting of a few dozen bytes, and may be misplaced when keys consist of many billions of bytes. In particular, if the proof that the master key was securely distributed depends on a bounded-memory assumption for Moriarty, then the same assumption also imposes constraints upon the cryptanalysis which Moriarty can apply to the generated session material. Block ciphers with (effectively) Terabit blocks allow a much higher ratio of session to master key than can be countenanced with current key lengths, and we construct one such cypher.

ID: 668434