Protocols for Checking Compromised Credentials

Li, Lucy; Pal, Bijeeta; Ali, Junade; Sullivan, Nick; Chatterjee, Rahul; Ristenpart, Thomas

doi:10.1145/3319535.3354229

Cited by 32 publications

(42 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There is a trade-off to this approach; to ensure both communication overhead remains low and prevent re-identification attacks, the user must disclose the first few bits of two hashed Rolling Proximity Identifiers. The risk associated to such a protocol is well documented in [12] and formal analysis of the properties of anonymised hashes can be found in [15]. Such protocols have been used widely in compromised credential checking systems, a privacy sensitive context.…”

Section: Security Discussionmentioning

confidence: 99%

“…Our prior work in [12] provides an empirical comparison of compromised credential checking (C3) protocols and defines novel protocols for minimising information loss. Whilst pure Private Set Intersection has a heavy computational and communication overhead, [13] has combined k-Anonymous protocols with Private Set Intersection to reduce this burden.…”

Section: Related Workmentioning

confidence: 99%

“…We seek to allow a user to query CCIs whilst minimising the privacy loss both on the server and for the client. Fortunately, this is a well explored problem in [10], [12], [13].…”

Section: B Efficient Rolling Proximity Identifier Searchmentioning

confidence: 99%

“…The client simply needs to truncate the CCI hash to a desired number of bits such to grant anonymity (we provide both formal definitions and empirical analysis for applying k-Anonymity to hash based data sets in [15]). As such buckets are queried on the basis of CCI hashes instead of the RPIs or Temporary Exposure Keys, no additional information is leaked (for more information on data leakage risks see the section on "Identifier-Based Bucketization" in [12]).…”

Section: B Efficient Rolling Proximity Identifier Searchmentioning

confidence: 99%

See 3 more Smart Citations

Cross Hashing: Anonymizing encounters in Decentralised Contact Tracing Protocols

Ali

Dyo

2021

2021 International Conference on Information Networking (ICOIN)

Self Cite

View full text Add to dashboard Cite

During the COVID-19 (SARS-CoV-2) epidemic, Contact Tracing emerged as an essential tool for managing the epidemic. App-based solutions have emerged for Contact Tracing, including a protocol designed by Apple and Google (influenced by an open-source protocol known as DP3T). This protocol contains two well-documented de-anonymisation attacks. Firstly that when someone is marked as having tested positive and their keys are made public, they can be tracked over a large geographic area for 24 hours at a time. Secondly, whilst the app requires a minimum exposure duration to register a contact, there is no cryptographic guarantee for this property. This means an adversary can scan Bluetooth networks and retrospectively find who is infected. We propose a novel "cross hashing" approach to cryptographically guarantee minimum exposure durations. We further mitigate the 24-hour data exposure of infected individuals and reduce computational time for identifying if a user has been exposed using k-Anonymous buckets of hashes and Private Set Intersection. We empirically demonstrate that this modified protocol can offer like-for-like efficacy to the existing protocol.

show abstract

Section: Security Discussionmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

“…We seek to allow a user to query CCIs whilst minimising the privacy loss both on the server and for the client. Fortunately, this is a well explored problem in [10], [12], [13].…”

Section: B Efficient Rolling Proximity Identifier Searchmentioning

confidence: 99%

Section: B Efficient Rolling Proximity Identifier Searchmentioning

confidence: 99%

See 2 more Smart Citations

Cross Hashing: Anonymizing encounters in Decentralised Contact Tracing Protocols

Ali

Dyo

2021

2021 International Conference on Information Networking (ICOIN)

Self Cite

View full text Add to dashboard Cite

show abstract

“…Here an adversary uses exposed passwords to try to log into user accounts on various web services, which succeeds frequently because of password reuse [22,36]. In response, practitioners have set up third-party services such as Have I Been Pwned (HIBP) [3,31] and Google Password Checkup (GPC) [38,41] that provide public APIs to check if a user's password has been exposed in known breaches. These breach-alerting services, also called compromised credential checking (C3) services, can help prevent credential stuffing attacks by alerting users to change their passwords.…”

Section: Introductionmentioning

confidence: 99%

Might I Get Pwned: A Second Generation Compromised Credential Checking Service

Pal¹,

Islam²,

Sanusi³

et al. 2021

Preprint

Self Cite

View full text Add to dashboard Cite

Credential stuffing attacks use stolen passwords to log into victim accounts. To defend against these attacks, recently deployed compromised credential checking (C3) services provide APIs that help users and companies check whether a username, password pair is exposed. These services however only check if the exact password is leaked, and therefore do not mitigate credential tweaking attacks in which the adversary guesses variants of a user's leaked passwords.We initiate work on C3 APIs that protect users from credential tweaking attacks. The core underlying challenge is how to identify passwords that are similar to their leaked passwords while preserving honest clients' privacy and also preventing malicious clients from extracting breach data from the service. We formalize the problem and explore a variety of ways to measure password similarity that balance efficacy, performance, and security.Based on this exploration, we design "Might I Get Pwned" (MIGP), a new kind of breach alerting service. Our simulations show that MIGP reduces the efficacy of state-of-the-art 10guess credential tweaking attacks by 81%. MIGP preserves user privacy and limits potential exposure of sensitive breach entries. We show that the protocol is fast, with response time close to existing C3 services, and suitable for real-world deployment.

show abstract

Password Authentication Attacks at Scale

Ali¹,

Pikies²

2020

Lecture Notes in Electrical Engineering

View full text Add to dashboard Cite

Protocols for Checking Compromised Credentials

Cited by 32 publications

References 25 publications

Cross Hashing: Anonymizing encounters in Decentralised Contact Tracing Protocols

Cross Hashing: Anonymizing encounters in Decentralised Contact Tracing Protocols

Might I Get Pwned: A Second Generation Compromised Credential Checking Service

Password Authentication Attacks at Scale

Contact Info

Product

Resources

About