Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Comparing information without leaking it
Communications of the ACM
Protecting secret keys with personal entropy
Future Generation Computer Systems - Special issue on security on the Web
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Error-tolerant password recovery
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Delegation of cryptographic servers for capture-resilient devices
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Targeted Advertising ... And Privacy Too
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Threshold Password-Authenticated Key Exchange
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Server-Assisted Generation of a Strong Secret from a Password
WETICE '00 Proceedings of the 9th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
The Decision Diffie-Hellman Problem
ANTS-III Proceedings of the Third International Symposium on Algorithmic Number Theory
FOCS '95 Proceedings of the 36th Annual Symposium on Foundations of Computer Science
Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Noisy polynomial interpolation and noisy chinese remaindering
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Fortifying password authentication in integrated healthcare delivery systems
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
An efficient password-only two-server authenticated key exchange system
ICICS'07 Proceedings of the 9th international conference on Information and communications security
A secure dynamic identity based authentication protocol for multi-server architecture
Journal of Network and Computer Applications
Password-protected secret sharing
Proceedings of the 18th ACM conference on Computer and communications security
Two-server password-only authenticated key exchange
Journal of Computer and System Sciences
Two-Server password-only authenticated key exchange
ACNS'05 Proceedings of the Third international conference on Applied Cryptography and Network Security
SSO password-based multi-server authentication protocol
International Journal of Communication Networks and Distributed Systems
Practical yet universally composable two-server password-authenticated secret sharing
Proceedings of the 2012 ACM conference on Computer and communications security
Honeywords: making password-cracking detectable
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Passwords and PINs continue to remain the most widespread forms of user authentication, despite growing awareness of their security limitations. This is because short secrets are convenient, particularly for an increasingly mobile user population. Many users are interested in employing a variety of computing devices with different forms of connectivity and different software platforms. Such users often find it convenient to authenticate by means of passwords and short secrets, to recover lost passwords by answering personal or "life" questions, and to make similar use of relatively weak secrets. In typical authentication methods based on short secrets, the secrets (or related values) are stored in a central database. Often overlooked is the vulnerability of the secrets to theft en bloc in the event of server compromise. With this in mind, Ford and Kaliski and others have proposed various password "hardening" schemes involving multiple servers, with password privacy assured provided that some servers remain uncompromised. In this paper, we describe a new, two-server secure roaming system that benefits from an especially lightweight new set of protocols. In contrast to previous ideas, ours can be implemented so as to require essentially no intensive cryptographic computation by clients. This and other design features render the system, in our view, the most practical proposal to date in this area. We describe in this paper the protocol and implementation challenges and the design choices underlying the system.