Guessing Attacks on Distributed-Storage Systems
Annina Bracher, Eran Hof, Amos Lapidoth

TL;DR
This paper analyzes the security of distributed password storage by characterizing how well hints protect against guessing attacks, introducing new theoretical bounds and generalizations for multiple hints and observations.
Contribution
It provides the first characterization of the maximum guessing effort an eavesdropper can achieve under distributed hint scenarios, with new results linking guessing and task-encoding problems.
Findings
Characterized the exponent for Eve's guessing difficulty in two scenarios.
Established a connection between guessing problems and task-encoding.
Extended the model to multiple hints and observations, enhancing robustness.
Abstract
The secrecy of a distributed-storage system for passwords is studied. The encoder, Alice, observes a length-n password and describes it using two hints, which she stores in different locations. The legitimate receiver, Bob, observes both hints. In one scenario the requirement is that the expected number of guesses it takes Bob to guess the password approach one as n tends to infinity, and in the other that the expected size of the shortest list that Bob must form to guarantee that it contain the password approach one. The eavesdropper, Eve, sees only one of the hints. Assuming that Alice cannot control which hints Eve observes, the largest normalized (by n) exponent that can be guaranteed for the expected number of guesses it takes Eve to guess the password is characterized for each scenario. Key to the proof are new results on Arikan's guessing and Bunte and Lapidoth's task-encoding…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
