Tuesday, January 22, 2013

A Guess on the Encryption Design of MEGA

The newly relaunched MEGA, successor to MegaUpload, raised lots of fanfare on the net. A novel feature of the new MEGA site is its encryption function. There are two interesting articles about the encryption technique in the new MEGA site. One from Ars Technica questioned the security and usefulness of MEGA encryption design (http://arstechnica.com/business/2013/01/megabad-a-quick-look-at-the-state-of-megas-encryption/). The other posted by MEGA blog address those concerns (https://mega.co.nz/#blog_3).

 In my opinion, the editor of Ars Technica does not understand or at least misunderstands MEGA's encryption design. There are some comments of that Ars article that explained the basic idea quite clearly, which was confirmed by Mega's reply.

 If my guess is right, the Encryption Design of MEGA is illustrated in the figure below. A pdf version of the figure is at https://www.box.com/s/uswje6orhhqahyv97ijk