SCU-PRF : constructing a secure channel using a pseudorandom function
The establishment of a secure channel of communication between two parties is a primary goal of modern cryptography. In an ideal world, the secure channel is a dedicated, untappable, and impenetrable method of transmitting data between a sender and receiver. An adversary would be unable to see or modify any information crossing the channel. Unfortunately, that is not possible in the real world. Most communication is done using channels that are susceptible to eavesdropping and interference. In order to overcome these problem cryptography attempts to recreate the secure channel in order to provide confidentiality and authenticity to all communications between two parties. Pseudorandom functions provide an ideal starting point for designing cryptographic primitives that met these goals. Work done by Philip Rogaway and Mihir Bellare has shown the usefulness of a random oracle as a starting point for developing asymmetric-key cryptographic primitives. This paper expands on that concept by providing algorithms that meet the goals of confidentiality and authenticity by using a conceptual pseudorandom function to construct a set of symmetric-key cryptographic primitives. Due to it's flexibility and simplicity, a conceptual pseudorandom function is used to construct a symmetric-key cipher and a message authentication code that are both simple and efficient, while meeting the requirements of a confidentiality and authenticity. Based on those two primitives, an authenticated encryption scheme is built in order to provide the guarantees of the secure channel. This paper provides the design and implementation for the SCU-PRF, a pseudorandom function created by combining the Salsa20 stream cipher and the VHASH universal hash function. The SCU-PRF is designed with the goal of efficiency, requiring little more computation than the base components of Salsa20 and VHASH. Using the algorithms built with the conceptual PRF, a complete implementation of the protocols is created using SCU-PRF. When tested SCU-PRF proved to be an efficient and flexible pseudorandom function with a performance profile ideal for constructing a high efficiency secure channel.