Blind Password Registration for Verifier-based PAKE

Kiefer, Franziskus; Manulis, Mark

doi:10.1145/2898420.2898424

Cited by 7 publications

(18 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…• 重新定义口令散列方案的接口. 观察到, Kiefer-Manuals方案 [21,22] 提出的口令散列方案, 其盐值不具有不可区分的特性, 与Benhanmouda-Pointcheval方案 [20] 提出的原始定义不同. 这在一定程度上降低了方案安全性, 为在标准模型中获得抗量子口令散列方案, 结合Benhanmouda-Pointcheval方案 [20] 、Kiefer-Manuals方案 [21,22] , 本文重新修订口令散列方案的定义, 并修正了口令散列方案的接口, 以便可以有效地集成到非对称PAKE协议中.…”

Section: 本文贡献unclassified

“…• 提出基于格的Pedersen承诺口令散列方案. 观察到, 现有的基于离散对数的口令散列方案 [21,22] 均使用Pedersen承诺方案设计而来. Nguyen等 [24] 利用格上基于SIS问题的KTX承诺, 提出了一种基于格的口令散列协议, 该协议具有零知识口令策略检查的特性, 其构造依赖于复杂的随机排列, 但放松了安全性要求, 使其盐值不具有不可区分性的特性.…”

Section: 本文贡献unclassified

“…此外, 非对称(或称基于验证因子的, verifier-based) PAKE协议 [20,25,26] 要求服务器端存储与口令相关的验证信息(例如, 带有与盐值相关的随机口令散列). 因此, 为保证基于格的口令散列方案满足PAKE协议的要求, 本文遵循基于Pedersen类口令散列方案 [21,22] 的技术路线, 提出了3种基于格上承诺口令散列方案. 相较于Nguyen等 [24] 复杂的permutation操作, 本文方案具有更高的计算效率.…”

Section: 本文贡献unclassified

See 2 more Smart Citations

Achieving password-hashing scheme over lattices

Wang

2021

Sci. Sin.-Inf.

View full text Add to dashboard Cite

Pointceva方案(IACR ePrint2013/833)、 Kiefer-Manulis方案(ESORICS'14)、 Pointcheval-Wang方案(ASIACCS'17)与平滑投影散列函数(smooth projective hash function, SPHF)集成, 但这些方案无法实现后量子安全且仍依赖于ROM模型. 因此, 本文着重研究如何在标准模型下设计后量子安全的口令散列方案, 并给出可证明安全性分析. 尽管所提方案尚不能应用于实际, 但为构造实际的后量子安全的口令认证及密钥交换协议奠定了基础.

show abstract

Section: 本文贡献unclassified

See 1 more Smart Citation

Achieving password-hashing scheme over lattices

Wang

2021

Sci. Sin.-Inf.

View full text Add to dashboard Cite

show abstract

“…To improve the efficiency of secure password registration for VPAKE [32] and two server PAKE [33], Kiefer and Manulis proposed blind password registration (BPR), a new class of cryptographic protocols that prevent password leakage from the server. Using techinques introduced in [31], Kiefer and Manulis used an efficient shuffling proof from [19] to achieve O(1) number of set membership proofs instead of O(n max ) in ZKPPC.…”

Section: Introductionmentioning

confidence: 99%

Zero-Knowledge Password Policy Check from Lattices

Nguyen

Tan

Wang

2017

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Passwords are ubiquitous and most commonly used to authenticate users when logging into online services. Using high entropy passwords is critical to prevent unauthorized access and password policies emerged to enforce this requirement on passwords. However, with current methods of password storage, poor practices and server breaches have leaked many passwords to the public. To protect one's sensitive information in case of such events, passwords should be hidden from servers. Verifier-based password authenticated key exchange, proposed by Bellovin and Merrit (IEEE S&P, 1992), allows authenticated secure channels to be established with a hash of a password (verifier). Unfortunately, this restricts password policies as passwords cannot be checked from their verifier. To address this issue, Kiefer and Manulis (ESORICS 2014) proposed zero-knowledge password policy check (ZKPPC). A ZKPPC protocol allows users to prove in zero knowledge that a hash of the user's password satisfies the password policy required by the server. Unfortunately, their proposal is not quantum resistant with the use of discrete logarithm-based cryptographic tools and there are currently no other viable alternatives. In this work, we construct the first post-quantum ZKPPC using lattice-based tools. To this end, we introduce a new randomised password hashing scheme for ASCII-based passwords and design an accompanying zero-knowledge protocol for policy compliance. Interestingly, our proposal does not follow the framework established by Kiefer and Manulis and offers an alternate construction without homomorphic commitments. Although our protocol is not ready to be used in practice, we think it is an important first step towards a quantum-resistant privacy-preserving password-based authentication and key exchange system.

show abstract

“…To get better efficiency for secure password registration than VPAKE [125] and two server PAKE [126], Kiefer and Manulis introduced a new family of protocols called blind password registration (BPR). Adapting the techniques in [124], they applied an efficient shuffling proof from Furukawa [77] to reduce the number of set membership proofs to a constant number instead of being dependent on the maximum allowed password length.…”

Section: Previous Workmentioning

confidence: 99%

Privacy-preserving protocols from lattice cryptography

Tan¹

View full text Add to dashboard Cite

Blind Password Registration for Verifier-based PAKE

Cited by 7 publications

References 39 publications

Achieving password-hashing scheme over lattices

Achieving password-hashing scheme over lattices

Zero-Knowledge Password Policy Check from Lattices

Privacy-preserving protocols from lattice cryptography

Contact Info

Product

Resources

About