Cargando…
Attack Algorithm for a Keystore-Based Secret Key Generation Method
A new attack algorithm is proposed for a secure key generation and management method introduced by Yang and Wu. It was previously claimed that the key generation method of Yang and Wu using a keystore seed was information-theoretically secure and could solve the long-term key storage problem in clou...
| Autores principales: | , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2019
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7514693/ https://www.ncbi.nlm.nih.gov/pubmed/33266927 http://dx.doi.org/10.3390/e21020212 |
| _version_ | 1783586646985277440 |
|---|---|
| author | Chae, Seungjae Kim, Young-Sik No, Jong-Seon Kim, Young-Han |
| author_facet | Chae, Seungjae Kim, Young-Sik No, Jong-Seon Kim, Young-Han |
| author_sort | Chae, Seungjae |
| collection | PubMed |
| description | A new attack algorithm is proposed for a secure key generation and management method introduced by Yang and Wu. It was previously claimed that the key generation method of Yang and Wu using a keystore seed was information-theoretically secure and could solve the long-term key storage problem in cloud systems, thanks to the huge number of secure keys that the keystone seed can generate. Their key generation method, however, is considered to be broken if an attacker can recover the keystore seed. The proposed attack algorithm in this paper reconstructs the keystore seed of the Yang–Wu key generation method from a small number of collected keys. For example, when [Formula: see text] and [Formula: see text] , it was previously claimed that more than [Formula: see text] secure keys could be generated, but the proposed attack algorithm can reconstruct the keystone seed based on only 84 collected keys. Hence, the Yang–Wu key generation method is not information-theoretically secure when the attacker can gather multiple keys and a critical amount of information about the keystone seed is leaked. |
| format | Online Article Text |
| id | pubmed-7514693 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2019 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-75146932020-11-09 Attack Algorithm for a Keystore-Based Secret Key Generation Method Chae, Seungjae Kim, Young-Sik No, Jong-Seon Kim, Young-Han Entropy (Basel) Article A new attack algorithm is proposed for a secure key generation and management method introduced by Yang and Wu. It was previously claimed that the key generation method of Yang and Wu using a keystore seed was information-theoretically secure and could solve the long-term key storage problem in cloud systems, thanks to the huge number of secure keys that the keystone seed can generate. Their key generation method, however, is considered to be broken if an attacker can recover the keystore seed. The proposed attack algorithm in this paper reconstructs the keystore seed of the Yang–Wu key generation method from a small number of collected keys. For example, when [Formula: see text] and [Formula: see text] , it was previously claimed that more than [Formula: see text] secure keys could be generated, but the proposed attack algorithm can reconstruct the keystone seed based on only 84 collected keys. Hence, the Yang–Wu key generation method is not information-theoretically secure when the attacker can gather multiple keys and a critical amount of information about the keystone seed is leaked. MDPI 2019-02-23 /pmc/articles/PMC7514693/ /pubmed/33266927 http://dx.doi.org/10.3390/e21020212 Text en © 2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Chae, Seungjae Kim, Young-Sik No, Jong-Seon Kim, Young-Han Attack Algorithm for a Keystore-Based Secret Key Generation Method |
| title | Attack Algorithm for a Keystore-Based Secret Key Generation Method |
| title_full | Attack Algorithm for a Keystore-Based Secret Key Generation Method |
| title_fullStr | Attack Algorithm for a Keystore-Based Secret Key Generation Method |
| title_full_unstemmed | Attack Algorithm for a Keystore-Based Secret Key Generation Method |
| title_short | Attack Algorithm for a Keystore-Based Secret Key Generation Method |
| title_sort | attack algorithm for a keystore-based secret key generation method |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7514693/ https://www.ncbi.nlm.nih.gov/pubmed/33266927 http://dx.doi.org/10.3390/e21020212 |
| work_keys_str_mv | AT chaeseungjae attackalgorithmforakeystorebasedsecretkeygenerationmethod AT kimyoungsik attackalgorithmforakeystorebasedsecretkeygenerationmethod AT nojongseon attackalgorithmforakeystorebasedsecretkeygenerationmethod AT kimyounghan attackalgorithmforakeystorebasedsecretkeygenerationmethod |