Abstract:
The storage of cryptographic keys is a significant concern in security systems, as keys can
become a target for adversaries. The centralized storage of keys brings about the concern of a
single point of failure, where if an adversary gains access to the central storage location, all
keys stored within it could be compromised. Additionally, storing keys on devices poses a risk
of key theft through physical attacks on the device or through remote attacks where an
adversary gains access to the device through a vulnerability in the system. Modern solutions,
including PUF and TPM, give rise to inherent problems like cost, stability and reproducibility.
Moreover, with the proliferation of keys, the management complexity escalates, which can
make it difficult to maintain the security and integrity of cryptographic systems. In addition to
the costs associated with key storage, there are also costs associated with the maintenance and
management of keys. This includes the cost of personnel who are responsible for managing
the keys, as well as the cost of systems and processes that are used to guarantee protection and
soundness of the keys. Symmetric keys, in particular, are susceptible to theft since they are
typically stored in plaintext form, making them easy to identify and use for unauthorized
access. The theft of symmetric keys can have severe consequences, such as the unauthorized
disclosure of confidential information or the manipulation of data. To tackle these issues, this
research presents a novel MAC address based key extraction and secrecy scheme that
eliminates the need for stored keys and improves the security of cryptographic systems by
utilizing a device's unique MAC address to derive a symmetric key. This scheme can be used
for both one-to-one and group communication and can also be integrated with modern
symmetric key algorithms.
