Proceedings IEEE 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE 20
DOI: 10.1109/enabl.2000.883724

Server-assisted generation of a strong secret from a password

Abstract: A roaming user, who accesses a network from different client terminals, can be supported by a credentials server that authenticates the user by password then assists in launching a secure environment for the user. However, traditional credentials server designs are vulnerable to exhaustive password guessing attack at the server. We describe a new credentials server model and supporting protocol that overcomes that deficiency. The protocol provides for securely generating a strong secret from a weak secret (pas…

Cited by 103 publications
(93 citation statements)
References 12 publications
“…Ford and Kaliski proposed methods [6] that use multiple servers to prevent attacking by introducing password hardening protocol by which servers interact with the user to harden the user's password into a strong secret without revealing either the user's password or the hardened result. A password-only multi-server roaming protocol [9] is presented by Jablon.…”
Section: Previous Work; citation type: mentioning
confidence: 99%
“…In his protocol, the user can authenticate servers and retrieve his private key for temporary use on a client machine using just an easily memorable password. [6] and [9] make use of the multiple servers to gain the goal of the protocol. When some of the servers are compromised, the user can not obtain valid secret key no matter what the user has a method to verify the key.…”
Section: Previous Work; citation type: mentioning
confidence: 99%
“…In this section, we briefly survey the existing commercial key roaming systems of Baltimore's [1], Entrust's [6], [16] and VeriSign's [3], [8], [14], [15].…”
Section: Existing Commercial Key Roaming Systems; citation type: mentioning
confidence: 99%
“…Generally, key roaming systems are vulnerable to exhaustive password guessing attack at server. Ford and Kaliski presented the key roaming protocol which overcomes this deficiency [8] and is used to VeriSign's roaming service. Ford and Kaliski's methods use multiple servers to further prevent guessing attacks by an enemy that compromises all but one server.…”
Section: Introduction; citation type: mentioning
confidence: 99%