Threshold Single Password Authentication
Passwords are the most widely used form of online user authentication. In a traditional setup, the user, who has a human-memorable low entropy password, wants to authenticate with a login server. Unfortunately, existing solutions in this setting are either non-portable or insecure against many attacks, including phishing, man-in-the-middle, honeypot, and offline dictionary attacks. Three previous studies (Acar et al. 2013, Bicakci et al. 2011, and Jarecki et al. 2016) provide solutions secure against offline dictionary attacks by additionally employing a storage provider (either a cloud storage or a mobile device for portability). These works provide solutions where offline dictionary attacks are impossible as long as the adversary does not corrupt both the login server and the storage provider.
For the first time, improving these previous works, we provide a more secure generalized solution employing multiple storage providers, where our solution is proven secure against offline dictionary attacks as long as the adversary does not corrupt the login server and threshold-many storage providers. We define ideal and real world indistinguishability for threshold single password authentication (Threshold SPA) schemes, and formally prove security of our solution via ideal-real simulation. Our solution provides security against all the above-mentioned attacks, including phishing, man-in-the-middle, honeypot, and offline dictionary attacks, and requires no change on the server side. Thus, our solution can immediately be deployed via a browser extension (or a mobile application) and support from some storage providers. We further argue that our protocol is efficient and scalable, and provide performance numbers where the user and storage load are only a few milliseconds.
KeywordsPassword based authentication Threshold secret sharing Dictionary attack Phishing
We thank Prof. Jens Groth from University College London for his valuable comments and discussions that greatly improved the manuscript, and acknowledge the support of TÜBİTAK (the Scientific and Technological Research Council of Turkey) under project numbers 114E487 and 115E766, European Union COST Action IC1306, and the Royal Society of UK Newton Advanced Fellowship NA140464.
- 2.Belenkiy, M., Acar, T., Morales, H., Küpçü, A.: Securing passwords against dictionary attacks (2015). US Patent 9,015,489Google Scholar
- 3.Bellovin, S.M., Merritt, M.: Encrypted key exchange: password-based protocols secure against dictionary attacks. In: Proceedings of the 1992 IEEE Computer Society Symposium on Research in Security and Privacy, pp. 72–84. IEEE (1992)Google Scholar
- 4.Bicakci, K., Atalay, N.B., Yuceel, M., van Oorschot, P.C.: Exploration and field study of a browser-based password manager using icon-based passwords. In: Workshop on Real-Life Cryptographic Protocols and Standardization (2011)Google Scholar
- 5.Boyen, X.: Hidden credential retrieval from a reusable password. In: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, pp. 228–238. ACM (2009)Google Scholar
- 9.Camenisch, J., Lehmann, A., Lysyanskaya, A., Neven, G.: Memento: how to reconstruct your secrets from a single password in a hostile environment. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8617, pp. 256–275. Springer, Heidelberg (2014). doi: 10.1007/978-3-662-44381-1_15CrossRefzbMATHGoogle Scholar
- 10.Camenisch, J., Lehmann, A., Neven, G.: Optimal distributed password verification. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 182–194. ACM (2015)Google Scholar
- 13.Florencio, D., Herley, C.: A large-scale study of web password habits. In: Proceedings of the 16th International Conference on World Wide Web, pp. 657–666. ACM (2007)Google Scholar
- 14.Ford, W., Kaliski, B.S.: Server-assisted generation of a strong secret from a password. In: Proceedings of the IEEE 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE 2000), pp. 176–180. IEEE (2000)Google Scholar
- 17.Jarecki, S., Krawczyk, H., Shirvanian, M., Saxena, N.: Device-enhanced password protocols with optimal online-offline protection. In: Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, pp. 177–188. ACM (2016)Google Scholar
- 18.Juels, A., Rivest, R.L.: Honeywords: making password-cracking detectable. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 145–160. ACM (2013)Google Scholar
- 22.Ross, B., Jackson, C., Miyake, N., Boneh, D., Mitchell, J.C.: Stronger password authentication using browser extensions. In: Usenix Security, Baltimore, MD, USA, pp. 17–32 (2005)Google Scholar