# Guessing Attacks on Distributed-Storage Systems

**Authors:** Annina Bracher, Eran Hof, Amos Lapidoth

arXiv: 1701.01981 · 2017-01-10

## TL;DR

This paper analyzes the security of distributed password storage by characterizing how well hints protect against guessing attacks, introducing new theoretical bounds and generalizations for multiple hints and observations.

## Contribution

It provides the first characterization of the maximum guessing effort an eavesdropper can achieve under distributed hint scenarios, with new results linking guessing and task-encoding problems.

## Key findings

- Characterized the exponent for Eve's guessing difficulty in two scenarios.
- Established a connection between guessing problems and task-encoding.
- Extended the model to multiple hints and observations, enhancing robustness.

## Abstract

The secrecy of a distributed-storage system for passwords is studied. The encoder, Alice, observes a length-n password and describes it using two hints, which she stores in different locations. The legitimate receiver, Bob, observes both hints. In one scenario the requirement is that the expected number of guesses it takes Bob to guess the password approach one as n tends to infinity, and in the other that the expected size of the shortest list that Bob must form to guarantee that it contain the password approach one. The eavesdropper, Eve, sees only one of the hints. Assuming that Alice cannot control which hints Eve observes, the largest normalized (by n) exponent that can be guaranteed for the expected number of guesses it takes Eve to guess the password is characterized for each scenario. Key to the proof are new results on Arikan's guessing and Bunte and Lapidoth's task-encoding problem; in particular, the paper establishes a close relation between the two problems. A rate-distortion version of the model is also discussed, as is a generalization that allows for Alice to produce {\delta} (not necessarily two) hints, for Bob to observe {\nu} (not necessarily two) of the hints, and for Eve to observe {\eta} (not necessarily one) of the hints. The generalized model is robust against {\delta} - {\nu} disk failures.

---
Source: https://tomesphere.com/paper/1701.01981