CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Strong password-only authenticated key exchange
ACM SIGCOMM Computer Communication Review
Communications of the ACM
Securing passwords against dictionary attacks
Proceedings of the 9th ACM conference on Computer and communications security
Virtual Software Tokens - A Practical Way to Secure PKI Roaming
InfraSec '02 Proceedings of the International Conference on Infrastructure Security
Extended Password Key Exchange Protocols Immune to Dictionary Attacks
WET-ICE '97 Proceedings of the 6th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
Encrypted Key Exchange: Password-Based Protocols SecureAgainst Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
An Intrusion-Tolerant Password Authentication System
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Spy-resistant keyboard: more secure password entry on public touch screen displays
OZCHI '05 Proceedings of the 17th Australia conference on Computer-Human Interaction: Citizens Online: Considerations for Today and the Future
An anti-spam scheme using pre-challenges
Computer Communications
Authenticated key exchange secure against dictionary attacks
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Provably secure password-authenticated key exchange using Diffie-Hellman
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
CAPTCHA: using hard AI problems for security
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
| Hi-index | 0.00 |
Due to the explosive growth of the Internet and the pervasion of multimedia, protection of IP rights of digital content in transactions induces people's concerns. For fee-based media services, data encryption may be the best solution for protection of the media. The encryption (decryption) keys placement may be a trivial but crucial issue for users. It is a significant issue that how to practically protect user's key with the password-based cryptographic scheme and at different security levels. Nowadays, key container storing user's key can be implemented by hardware or software-only. Unfortunately, the hardware key containers require expensive infrastructure; On the other hand, the software-only key containers are either insecure or impractical. Moreover, both of the hardware and software just store user's key with the single security level. To solve these problems, we propose a novel software key container in on-line media services that can provide an adaptively secure and practical solution to protect user's key. We use a human-trapdoor distortion function and symmetric cipher to protect user's key in our key container so that it is computationally infeasible to break the system by using machine attack alone. The idea is to ensure that people must participate to verify each guessed password in the attack. User can adjust the security level of container according to the security requirement. Therefore, the attacker cannot succeed to extract user's key within a reasonable time and budget.