Abstract
Passwords constitute the main mean for authentication in computer systems. In order to maintain the user-related information at the service provider end, password hashing schemes (PHS) are utilized. The limited and old-fashioned solutions led the international cryptographic community to conduct the Password Hashing Competition (PHC). The competition will propose a small portfolio of schemes suitable for widespread usage until 2015. Embedded systems form a special application domain, utilizing devices with inherent computational limitations. Lightweight cryptography focuses in designing schemes for such devices and targets moderate levels of security. In this paper, a lightweight poly PHS suitable for lightweight cryptography is presented. At first, we design two lightweight versions of the PHC schemes Catena and PolyPassHash. Then, we integrate them and implement the proposed scheme – called LightPolyPHS. A fair comparison with similar proposals on mainstream computer is presented.
Chapter PDF
Similar content being viewed by others
References
Kaliski, B.: RSA Laboratories: RFC 2898 - PKCS #5: Password-Based Cryptography Specification Version 2.0. Technical report, IETF, 2000 (2000)
Provos, N., Mazires, D.: A Future-Adaptable Password Scheme. In: USENIX Annual Technical Conference, pp. 81–92 (1999)
Percival, C.: Stronger Key Derivation via Sequential Memory-Hard Functions. presented at BSDCan2009 (May 2009)
Orman, H: Twelve Random Characters: Passwords in the Era of Massive Parallelism. IEEE Internet Computing 17(5), 91–94 (2013)
Forler, C., Lucks, S., Wenzel, J.: Catena: A memory-consuming password scrambler, Cryptology ePrint Archive, Report 2013/525 (2013)
Forler, C., Lucks, S., Wenzel, J.: The Catena Password Scrambler, PHC submission (May 15, 2014)
Hatzivasilis, G., Papaefstathiou, I., Manifavas, C.: Password Hashing Competition - Survey and Benchmark, Cryptology ePrint Archive, Report 2015/265 (2015)
Hatzivasilis, G., Theodoridis, A., Gasparis, E., Manifavas, C.: ULCL: an Ultra-Lightweight Cryptographic Library for embedded systems. In: MeSeCCS, PECCS, 2014, Lisbon, Portugal (2014)
Hatzivasilis, G., Floros, G., Papaefstathiou, I., Manifavas, C.: Lightweight authenticated encryption for green networking. In: IEEE AFRICON 2015 Green Innovation for African Renaissance, Addis Ababa, Ethiopia. IEEE (2015)
Fysarakis, K., Hatzivasilis, G., Rantos, K., Papanikolaou, A., Manifavas, C.: Embedded systems security challenges. In: MeSeCCS, PECCS, Lisbon, Portugal (2014)
Petroulakis, N.E., Askoxylakis, I.G., Traganitis, A., Spanoudakis, G.: A privacy-level model of user-centric cyber-physical systems. In: Marinos, L., Askoxylakis, I. (eds.) HAS 2013. LNCS, vol. 8030, pp. 338–347. Springer, Heidelberg (2013)
Siris, V., Askoxylakis, I., Conti, M., Bruno, R.: Enhanced, ubiquitous and dependable broadband access using MESH networks. In: ERCIM News, vol. 73 (2008)
Markantonakis, K., Mayes, K., Sauveron, D., Askoxylakis, I.G.: Overview of security threats for smart cards in the public transport industry. IEEE International Conference on e-Business Engineering, pp. 506–513. IEEE (2008)
Manifavas, C., Hatzivasilis, G., Fysarakis, K., Rantos, K.: Lightweight cryptography for embedded systems – a comparative analysis. In: Garcia-Alfaro, J., Lioudakis, G., Cuppens-Boulahia, N., Foley, S., Fitzgerald, W.M. (eds.) DPM 2013 and SETOP 2013. LNCS, vol. 8247, pp. 333–349. Springer, Heidelberg (2014)
Dhurjati, D., Kowshik, S., Adve, V., Lattner, C.: Memory safety without garbage collection for embedded applications. ACM TECS 4(1), 73–111 (2005)
NIST: Recommendation for Password-Based Key Derivation. NIST Special Publication 800–132 (December 2010)
Shamir, A.: How to share a secret. Communications of the ACM 22(11), 612–613 (1979)
Schneier, B.: Description of a new variable-length key, 64-bit block cipher (Blowfish). In: Anderson, R. (ed.) FSE. LNCS vol. 809, pp. 191–204. Springer, Heidelberg (1994)
Bernstein, D.J.: The Salsa20 family of stream ciphers, eSTREAM project (2007)
Moradi, A., Poschmann, A., Ling, S., Paar, C., Wang, H.: Pushing the limits: a very compact and a threshold implementation of aes. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 69–88. Springer, Heidelberg (2011)
NIST: Secure Hash Standard, FIPS 180–2 (April 1995)
Aumasson, J.-P., Neves, S., Wilcox-O’Hearn, Z., Winnerlein, C.: BLAKE2: Simpler, smaller, fast as MD5. In: Jacobson, M., Locasto, M., Mohassel, P., Safavi-Naini, R. (eds.) ACNS 2013. LNCS, vol. 7954, pp. 119–135. Springer, Heidelberg (2013)
ISO/IEC 29192:2012, International standard for lightweight cryptographic methods, ISO/IEC (2012)
Akishita, T., Hiwatari, H.: Very Compact Hardware Implementations of the Blockcipher CLEFIA. Sony Corporation, Technical Paper (2011)
Guo, J., Peyrin, T., Poschmann, A.: The PHOTON family of lightweight hash functions. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 222–239. Springer, Heidelberg (2011)
Guo, J., Karpman, P., Nikolic, I., Wang, L., Wu, S.: Analysis of Blake2, Cryptology ePrint Archive, Report 2013/467 (2013)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 IFIP International Federation for Information Processing
About this paper
Cite this paper
Hatzivasilis, G., Papaefstathiou, I., Manifavas, C., Askoxylakis, I. (2015). Lightweight Password Hashing Scheme for Embedded Systems. In: Akram, R., Jajodia, S. (eds) Information Security Theory and Practice. WISTP 2015. Lecture Notes in Computer Science(), vol 9311. Springer, Cham. https://doi.org/10.1007/978-3-319-24018-3_17
Download citation
DOI: https://doi.org/10.1007/978-3-319-24018-3_17
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-24017-6
Online ISBN: 978-3-319-24018-3
eBook Packages: Computer ScienceComputer Science (R0)