On-the-fly Key Regeneration
I referred to ‘on-the-fly’ key regeneration in my earlier post “Cryptography and Expanded Password System”
The core logic is so simple and plain that this non-technology man was able to come up with overnight. I do not think it needs to be kept confidential.
Each image is represented by a very long identifier data. The entropy of the identifier data summed up out of the several images the use picks up is very high to the extent that it works as the seed for generating unique encryption key.
Once the key gets generated and used for encryption, the seed and key will be eliminated while the software program remembers the formula for calculation.
For decryption, the user picks up the correct images, the identifier data getting summed up to generate the seed, which will be put into the formula to calculate the key. The seed and key will be eliminated once the decryption is over.
For actual implementation, some mathematical tweaks are added for obfuscation. For asymmetric cryptography, some more tweaks are incorporated.
Cryptography and Expanded Password System
Prof. Hideki Imai, who pushed my back to move ahead confidently in 2001 when he was the chair of Japan’s CRYPTREC, used to emphasize repeatedly how critical it is to get the credential data hashed whether online or offline. It is from him that I learnt about Deffie-Hellman Key Exchange, Elliptic Curve Cryptography, etc.
We jointly tried the methodology of using the high-entropy credential data generated by Expanded Password System (EPS) as the seed of RSA key pair; the user's private key does not physically exist anywhere in the universe, but it can be re-generated in-the-fly out of the images that the user picks up for authentication for each login. It proved to work on the internet.
Thereafter, we took up the experiment of incorporating EPS into PAKE. We were able to demonstrate that it worked with no friction in the lab environment.
These projects, sponsored by government agencies, were completed in 2003 – 2004. In retrospect, we seem to have started these forward-looking projects a bit too early.
Cryptography helps EPS, and EPS helps Cryptography.