Open Access iconOpen Access

crossmark

Vulnerability Analysis of MEGA Encryption Mechanism

Qingbing Ji1,2,*, Zhihong Rao1,2, Lvlin Ni2, Wei Zhao2, Jing Fu3

1 School of Cybersecurity, Northwestern Polytechnical University, Xi’an, 710072, China
2 No.30 Institute of CETC, Chengdu, 610041, China
3 Eberly College of Science, Pennsylvania State University-University Park, PA, 16802, USA

* Corresponding Author: Qingbing Ji. Email: email

Computers, Materials & Continua 2022, 73(1), 817-829. https://doi.org/10.32604/cmc.2022.026949

Abstract

MEGA is an end-to-end encrypted cloud storage platform controlled by users. Moreover, the communication between MEGA client and server is carried out under the protection of Transport Layer Security (TLS) encryption, it is difficult to intercept the key data packets in the process of MEGA registration, login, file data upload, and download. These characteristics of MEGA have brought great difficulties to its forensics. This paper presents a method to attack MEGA to provide an effective method for MEGA’s forensics. By debugging the open-source code of MEGA and analyzing the security white paper published, this paper first clarifies the encryption mechanism of MEGA, including the detailed process of registration, login, and file encryption, studies the encryption mechanism of MEGA from the perspective of protocol analysis, and finds out the vulnerability of MEGA encryption mechanism. On this basis, a method to attack MEGA is proposed, and the secret data stored in the MEGA server can be accessed or downloaded; Finally, the efficiency of the attack method is analyzed, and some suggestions to resist this attack method are put forward.

Keywords


Cite This Article

Q. Ji, Z. Rao, L. Ni, W. Zhao and J. Fu, "Vulnerability analysis of mega encryption mechanism," Computers, Materials & Continua, vol. 73, no.1, pp. 817–829, 2022.



cc This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 906

    View

  • 538

    Download

  • 0

    Like

Share Link