Information-theoretically secure key generation and management

No Thumbnail Available
File version
Yang, EH
Wu, XW
Griffith University Author(s)
Primary Supervisor
Other Supervisors
File type(s)

Aachen, Germany


In this paper, we address the problems of key generation and management for enabling one-key-for-one-file secure encryption, where every file is encrypted by using an independent random key, which is highly desired in long-term protection of data stored on public clouds and other applications. A new concept dubbed information-theoretical ϵ-security is introduced to measure the security of a keystore (i.e., a set of random keys, ki, 1 ≤ i ≤ Λ, each consisting of l bits) which are generated from a random string of L bits, called the keystore seed. An efficient keystore generation scheme is presented, and the resulting keystore Ψ = {ki :1 ≤ i ≤ Λ} is shown to be information-theoretically e-secure with small e. Specifically, they satisfy the following properties: (1) Λ ≫ L is sufficiently large to realize one-key-for-one-file encryption for applications with a large number of files; (2) for any key index i, the key ki is uniformly distributed over the key space {0,1}1 and hence statistically independent of i if i is chosen randomly; (3) for any two independent i, j, 1 ≤ i, j ≤ Λ, the probability that ki = kj is less than (1 - ϵ) × 2-l + ϵ and (4) for any two independent key indices i and j, knowing i, j, and ki does not reduce the amount of uncertainty about kj significantly, i.e., the conditional Shannon entropy H (kj |i, j, ki)is at least as large as (1 - ϵ)H(kj | j). These security properties along with easy generation of each key ki from the keystore seed and the key index i remove most challenges in distributing and managing a large number of random keys.

Journal Title
Conference Title

IEEE International Symposium on Information Theory - Proceedings

Book Title
Thesis Type
Degree Program
Publisher link
Patent number
Grant identifier(s)
Rights Statement
Rights Statement
Item Access Status
Access the data
Related item(s)

Cybersecurity and privacy not elsewhere classified

Persistent link to this record