## Can a finite key offer unlimited mathematical security — Circumventing Shannon’s Proof?

Claude Shannon proved that perfect security is achievable for plaintext no longer than the encryption key. But there appears to be a way to circumvent this theoretical limitation, with great cryptographic consequences.

Claude Shannon referred to a key, the information in which, KI, was used to convert a plaintext to a ciphertext. But what if the shared key, Ks, is first used to derive another key, a ‘derived key’ Kd, and Kd is then used to encrypt a plaintext P to a ciphertext C:

C = Enc(P, Kd)

And what if there is an infinite number of keys K1, K2, … that, when subjected to the same derivation process, generate the same derived key, Kd? This many-to-one relationship is very common in math. For example, the shared key may be a collection of integers, and the derived key the mathematical average of this collection. Clearly there are infinitely many collections of integers that share the same mathematical average. For example, Ks1 = {4, 12, 8} and Ks2 = {7, 9}: in both cases the derived key is Kd1 = Kd2 = 8.

In that case, even if the derived key is extracted from the ciphertext, the shared key remains unknown, enjoying an equivocation of infinite size.

Now imagine that after some use of Kd1, one party sends the other a conversion formula with which to transform the shared key Ks into another key, K’s. The parties then use K’s to derive a corresponding derived key, K’d.

Now suppose that the cryptanalyst even extracted K’d from the ciphertext it was used on. This will not point him to the shared key K’s, because there are infinitely many possible shared keys.

The parties will repeat this protocol indefinitely, and thereby keep a finite key providing infinite, non-deteriorating service.

In practice the parties will stop using a derived key before it is likely to be extracted, and move to the next derived key instead.
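The averaging derivation and the key-conversion step described above, as an added example that is not from the original post or the linked paper: it enumerates a bounded slice of the shared keys consistent with an extracted Kd = 8 and computes which next derived keys K’d remain possible under two conversion formulas. The formulas `shift` and `square`, the enumeration bounds, and all function names are assumptions made for illustration; the page does not specify a conversion formula.

```python
from fractions import Fraction
from itertools import combinations_with_replacement

def derive(shared_key):
    """The page's example derivation: Kd is the mean of the integers in Ks."""
    return Fraction(sum(shared_key), len(shared_key))

def candidates(kd, max_len=3, max_value=16):
    """Shared keys (sorted tuples of integers in 1..max_value, at most max_len
    long) whose mean is kd. The real candidate set is unbounded; the bounds
    exist only so the enumeration terminates."""
    return [c
            for n in range(1, max_len + 1)
            for c in combinations_with_replacement(range(1, max_value + 1), n)
            if derive(c) == kd]

# Two hypothetical conversion formulas; the page does not specify one.
def shift(shared_key, c=5):
    """Add a constant to every element. The mean shifts by the same constant."""
    return [x + c for x in shared_key]

def square(shared_key):
    """Square every element. The new mean depends on the elements themselves."""
    return [x * x for x in shared_key]

def next_derived_keys(kd, convert):
    """Every K'd still possible for an observer who knows Kd and the formula."""
    return {derive(convert(ks)) for ks in candidates(kd)}

if __name__ == "__main__":
    print(derive([4, 12, 8]), derive([7, 9]))
    print(len(candidates(8)), "bounded candidates for Kd = 8")
    print("after shift :", sorted(next_derived_keys(8, shift)))
    print("after square:", len(next_derived_keys(8, square)), "distinct values")
```

With `shift`, every candidate yields K’d = 13, so an observer holding Kd and the formula also holds K’d. With `square` the candidates disagree, so the equivocation over Ks carries into K’d only when the conversion does not commute with the derivation.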

For details check: https://eprint.iacr.org/2021/458