Within many cryptographic systems a key expansion function is used in order to derive more keying material from the master secret. The derived additional keys may be needed for multiple entities or for different cryptographic purposes such as privacy and authenticity. In this paper we wish to examine the soundness of the key expansion functions on the view point of provable security framework. Especially we focus on the key expansion functions using PRFs(pseudorandom functions) which are recommended by NIST, and show that the variant of Double-Pipeline Iteration mode using PRPs(pseudorandom permutations) is secure, while the variants of Counter and Feedback modes using PRPs are insecure. In practice secure block ciphers such as AES can be regarded as PRPs.