Expanders, randomness, or time versus space
Journal of Computer and System Sciences - Structure in Complexity Theory Conference, June 2-5, 1986
Conditionally-perfect secrecy and a provably-secure randomized cipher
Journal of Cryptology - Eurocrypt '90
More deterministic simulation in logspace
STOC '93 Proceedings of the twenty-fifth annual ACM symposium on Theory of computing
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Public-key cryptography and password protocols
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Extracting randomness: a survey and new constructions
Journal of Computer and System Sciences
Password security: a case history
Communications of the ACM
Communications of the ACM
Securing passwords against dictionary attacks
Proceedings of the 9th ACM conference on Computer and communications security
UNIX Password Security - Ten Years Later
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
On Perfect and Adaptive Security in Exposure-Resilient Cryptography
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
Entropy waves, the zig-zag graph product, and new constant-degree expanders and extractors
FOCS '00 Proceedings of the 41st Annual Symposium on Foundations of Computer Science
Number theoretic attacks on secure password schemes
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Encryption against Storage-Bounded Adversaries from On-Line Strong Extractors
Journal of Cryptology
Optimal Randomizer Efficiency in the Bounded-Storage Model
Journal of Cryptology
Authenticating secure tokens using slow memory access
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
A future-adaptive password scheme
ATEC '99 Proceedings of the annual conference on USENIX Annual Technical Conference
Towards a theory of intrusion detection
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Harvesting verifiable challenges from oblivious online sources
Proceedings of the 14th ACM conference on Computer and communications security
Do strong web passwords accomplish anything?
HOTSEC'07 Proceedings of the 2nd USENIX workshop on Hot topics in security
How to Protect Yourself without Perfect Shredding
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
The Long-Short-Key Primitive and Its Applications to Key Security
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
A Leakage-Resilient Mode of Operation
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Non-malleable extractors and symmetric key cryptography from weak secrets
Proceedings of the forty-first annual ACM symposium on Theory of computing
On cryptography with auxiliary input
Proceedings of the forty-first annual ACM symposium on Theory of computing
Intrusion-resilient key exchange in the bounded retrieval model
TCC'07 Proceedings of the 4th conference on Theory of cryptography
On seed-incompressible functions
TCC'08 Proceedings of the 5th conference on Theory of cryptography
Practical leakage-resilient pseudorandom generators
Proceedings of the 17th ACM conference on Computer and communications security
Practical leakage-resilient identity-based encryption from simple assumptions
Proceedings of the 17th ACM conference on Computer and communications security
Survey: leakage resilience and the bounded retrieval model
ICITS'09 Proceedings of the 4th international conference on Information theoretic security
A lower bound on the key length of information-theoretic forward-secure storage schemes
ICITS'09 Proceedings of the 4th international conference on Information theoretic security
Leakage-resilient pseudorandom functions and side-channel attacks on Feistel networks
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Provably secure higher-order masking of AES
CHES'10 Proceedings of the 12th international conference on Cryptographic hardware and embedded systems
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
Leakage-resilient RFID authentication with forward-privacy
RFIDSec'10 Proceedings of the 6th international conference on Radio frequency identification: security and privacy issues
Parallel repetition for leakage resilience amplification revisited
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Achieving leakage resilience through dual system encryption
TCC'11 Proceedings of the 8th conference on Theory of cryptography
One-time computable self-erasing functions
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Proceedings of the forty-third annual ACM symposium on Theory of computing
Key-evolution schemes resilient to space-bounded leakage
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Proofs of ownership in remote storage systems
Proceedings of the 18th ACM conference on Computer and communications security
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Public-Key encryption in the bounded-retrieval model
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
The Multivariate Algorithmic Revolution and Beyond
Anonymous identity-based hash proof system and its applications
ProvSec'12 Proceedings of the 6th international conference on Provable Security
Towards super-exponential side-channel security with efficient leakage-resilient PRFs
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
SAuth: protecting user accounts from password database leaks
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
| Hi-index | 0.00 |
We introduce a formal model, which we call the Bounded Retrieval Model, for the design and analysis of cryptographic protocols remaining secure against intruders that can retrieve a limited amount of parties' private memory. The underlying model assumption on the intruders' behavior is supported by real-life physical and logical considerations, such as the inherent superiority of a party's local data bus over a remote intruder's bandwidth-limited channel, or the detectability of voluminous resource access by any local intruder. More specifically, we assume a fixed upper bound on the amount of a party's storage retrieved by the adversary. Our model could be considered a non-trivial variation of the well-studied Bounded Storage Model, which postulates a bound on the amount of storage available to an adversary attacking a given system. In this model we study perhaps the simplest among cryptographic tasks: user authentication via a password protocol. Specifically, we study the problem of constructing efficient password protocols that remain secure against offline dictionary attacks even when a large (but bounded) part of the storage of the server responsible for password verification is retrieved by an intruder through a remote or local connection. We show password protocols having satisfactory performance on both efficiency (in terms of the server's running time) and provable security (making the offline dictionary attack not significantly stronger than the online attack). We also study the tradeoffs between efficiency, quantitative and qualitative security in these protocols. All our schemes achieve perfect security (security against computationally-unbounded adversaries). Our main schemes achieve the interesting efficiency property of the server's lookup complexity being much smaller than the adversary's retrieval bound.