TMPS: Ticket-Mediated Password Strengthening

  • John Kelsey
  • Dana Dachman-Soled (corresponding author)
  • Sweta Mishra
  • Meltem Sönmez Turan
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 12006)

Abstract

We introduce the notion of TMPS: Ticket-Mediated Password Strengthening, a technique for allowing users to derive keys from passwords while imposing a strict limit on the number of guesses of their password any attacker can make, and strongly protecting the users’ privacy. We describe the security requirements of TMPS, and then a set of efficient and practical protocols to implement a TMPS scheme, requiring only hash functions, CCA2-secure encryption, and blind signatures. We provide several variant protocols, including an offline symmetric-only protocol that uses a local trusted computing environment, and online variants that use group signatures or stronger trust assumptions instead of blind signatures. We formalize the security of our scheme by defining an ideal functionality in the Universal Composability (UC) framework, and by providing game-based definitions of security. We prove that our protocol realizes the ideal functionality in the random oracle model (ROM) under adaptive corruptions with erasures, and prove that security with respect to the ideal/real definition implies security with respect to the game-based definitions.

Keywords

Dictionary attacks, TMPS, Key derivation

Acknowledgements

The authors gratefully acknowledge Bart Preneel, Vincent Rijmen, Frank Piessens, Peihan Miao, Ray Perlner, Kristen Greene, and the many attendees of the Fall 2018 DC Area Crypto Day and NIST Crypto Reading Group for useful feedback and suggestions on this paper.

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. National Institute of Standards and Technology, Gaithersburg, USA
  2. Department of Electrical Engineering, ESAT/COSIC, KU Leuven, Leuven, Belgium
  3. Department of Electrical and Computer Engineering, University of Maryland, College Park, USA
  4. Department of Computer Science and Engineering, Shiv Nadar University, Greater Noida, India