Reply to post: Re: Is there single key ?

Kaseya obtains REvil decryptor, starts sharing it with afflicted customers

Michael Wojcik Silver badge

Re: Is there single key ?

There are much simpler approaches. One is to encrypt data on each victim machine with a random key, and leave copies of that random key on the victim machine, encrypted with a per-target key and a global key. Then either the per-target key or the global key can be used to decrypt the data on that particular machine.

The per-target key can be produced by a KDF that takes as input some global secret and some data derivable from the target organization, so the attackers don't have to store the keys.

That's just as secure, and far more scalable, than having some central database of encryption keys for every system.

There's a large body of literature on key splitting and key sharing.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon