In this presentation, I discuss my recent project that aims to make time-series data better encrypted. Currently, encryption among several clients relies on static keys. This is far from ideal, as it means that compromised keys can result in the entire communication chain becoming compromised. Using polynomials, we can efficiently update shared keys among large networks. Applications for this include:
- VoIP and Teleconferencing
- DRM for TV Networks
- Secure Radio Broadcasts
- Group Messaging
Learn more at https://www.alexbeaver.com/events/encryption-of-time-series-data
2. Alex Beaver
1st Year CSEC Major
• From SF Bay Area
• 2 Enterprise Security
Internships
• Interested in
cryptography and
secure communication
21 January 2022 alexbeaver.com 2
3. Agenda
• The State of Key
Ratcheting
• A Scalable Solution
• Potential Use Cases
21 January 2022 alexbeaver.com 3
4. Agenda
• The State of Key
Ratcheting
• A Scalable Solution
• Potential Use Cases
21 January 2022 alexbeaver.com 4
5. How do You Secure
Communication
Between Many
Clients?
21 January 2022 alexbeaver.com 5
18. Deriving a Key from a Polynomial
21 January 2022 alexbeaver.com 18
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Key
Polynomial
19. Deriving a Nonce from a Polynomial
21 January 2022 alexbeaver.com 19
Nonce
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Key
20. Deriving a Next X from a Polynomial
21 January 2022 alexbeaver.com 20
X
ID*
* May not be necessary depending on configuration
Nonce
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Key
21. What Do
We Have?
• Common Algorithm
Across All Clients
• Convert Highly Flexible
Data Set to AES-256
Keys
• Missing Key Ratcheting
21 January 2022 alexbeaver.com 21
24. Modify
Coefficients
• Establish a changelog
• Wrap around sent data
• If a client does not
receive, loses access to
chain
• Lightning fast
21 January 2022 alexbeaver.com 24
25. The Concept
21 January 2022 alexbeaver.com 25
MSG 1 MSG 2 MSG 3 MSG 4
Changelog Changelog Changelog Changelog
26. Single Packet Compromise
• Attacker likely doesn’t have coefficient set
• Cannot go backwards
• Have “next x” n iterations in the future
• Would have to compromise n sequential packets
• Coefficients more difficult to brute-force than sym. key
• Unknown # of coefficients
21 January 2022 alexbeaver.com 26
27. Caveats
• Recovery mechanism
• Client Kick
• Works best when # coefficients bounded (1024-8192)
• Expensive
• If coefficients at any stage compromised, chain
becomes compromised
• NaN/∞
21 January 2022 alexbeaver.com 27
28. What Do
We Have?
• Common Algorithm
Generate Keys
• Independent
Ratcheting
• Compromised packet
does not compromise
security
• Constant complexity
21 January 2022 alexbeaver.com 28
29. Agenda
• The State of Key
Ratcheting
• A Scalable Solution
• Potential Use Cases
21 January 2022 alexbeaver.com 29