Threshold Single Password Authentication

  • Devriş İşler
  • Alptekin Küpçü
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10436)


Passwords are the most widely used form of online user authentication. In a traditional setup, the user, who has a human-memorable low entropy password, wants to authenticate with a login server. Unfortunately, existing solutions in this setting are either non-portable or insecure against many attacks, including phishing, man-in-the-middle, honeypot, and offline dictionary attacks. Three previous studies (Acar et al. 2013, Bicakci et al. 2011, and Jarecki et al. 2016) provide solutions secure against offline dictionary attacks by additionally employing a storage provider (either a cloud storage or a mobile device for portability). These works provide solutions where offline dictionary attacks are impossible as long as the adversary does not corrupt both the login server and the storage provider.

For the first time, improving these previous works, we provide a more secure generalized solution employing multiple storage providers, where our solution is proven secure against offline dictionary attacks as long as the adversary does not corrupt the login server and threshold-many storage providers. We define ideal and real world indistinguishability for threshold single password authentication (Threshold SPA) schemes, and formally prove security of our solution via ideal-real simulation. Our solution provides security against all the above-mentioned attacks, including phishing, man-in-the-middle, honeypot, and offline dictionary attacks, and requires no change on the server side. Thus, our solution can immediately be deployed via a browser extension (or a mobile application) and support from some storage providers. We further argue that our protocol is efficient and scalable, and provide performance numbers where the user and storage load are only a few milliseconds.


Password based authentication, Threshold secret sharing, Dictionary attack, Phishing



We thank Prof. Jens Groth from University College London for his valuable comments and discussions that greatly improved the manuscript, and acknowledge the support of TÜBİTAK (the Scientific and Technological Research Council of Turkey) under project numbers 114E487 and 115E766, European Union COST Action IC1306, and the Royal Society of UK Newton Advanced Fellowship NA140464.


  1. Acar, T., Belenkiy, M., Küpçü, A.: Single password authentication. Comput. Netw. 57(13), 2597–2614 (2013)
  2. Belenkiy, M., Acar, T., Morales, H., Küpçü, A.: Securing passwords against dictionary attacks (2015). US Patent 9,015,489
  3. Bellovin, S.M., Merritt, M.: Encrypted key exchange: password-based protocols secure against dictionary attacks. In: Proceedings of the 1992 IEEE Computer Society Symposium on Research in Security and Privacy, pp. 72–84. IEEE (1992)
  4. Bicakci, K., Atalay, N.B., Yuceel, M., van Oorschot, P.C.: Exploration and field study of a browser-based password manager using icon-based passwords. In: Workshop on Real-Life Cryptographic Protocols and Standardization (2011)
  5. Boyen, X.: Hidden credential retrieval from a reusable password. In: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, pp. 228–238. ACM (2009)
  6. Boyen, X.: HPAKE: password authentication secure against cross-site user impersonation. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 279–298. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-10433-6_19
  7. Boyko, V., MacKenzie, P., Patel, S.: Provably secure password-authenticated key exchange using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000). doi: 10.1007/3-540-45539-6_12
  8. Camenisch, J., Enderlein, R.R., Neven, G.: Two-server password-authenticated secret sharing UC-secure against transient corruptions. In: Katz, J. (ed.) PKC 2015. LNCS, vol. 9020, pp. 283–307. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-46447-2_13
  9. Camenisch, J., Lehmann, A., Lysyanskaya, A., Neven, G.: Memento: how to reconstruct your secrets from a single password in a hostile environment. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8617, pp. 256–275. Springer, Heidelberg (2014). doi: 10.1007/978-3-662-44381-1_15
  10. Camenisch, J., Lehmann, A., Neven, G.: Optimal distributed password verification. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 182–194. ACM (2015)
  11. Canetti, R.: Security and composition of multiparty cryptographic protocols. J. Cryptology 13(1), 143–202 (2000)
  12. Daemen, J., Rijmen, V.: The Design of Rijndael: AES-The Advanced Encryption Standard. Springer, Heidelberg (2013)
  13. Florencio, D., Herley, C.: A large-scale study of web password habits. In: Proceedings of the 16th International Conference on World Wide Web, pp. 657–666. ACM (2007)
  14. Ford, W., Kaliski, B.S.: Server-assisted generation of a strong secret from a password. In: Proceedings of the IEEE 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE 2000), pp. 176–180. IEEE (2000)
  15. Freedman, M.J., Ishai, Y., Pinkas, B., Reingold, O.: Keyword search and oblivious pseudorandom functions. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 303–324. Springer, Heidelberg (2005). doi: 10.1007/978-3-540-30576-7_17
  16. Jarecki, S., Kiayias, A., Krawczyk, H.: Round-optimal password-protected secret sharing and T-PAKE in the password-only model. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 233–253. Springer, Heidelberg (2014). doi: 10.1007/978-3-662-45608-8_13
  17. Jarecki, S., Krawczyk, H., Shirvanian, M., Saxena, N.: Device-enhanced password protocols with optimal online-offline protection. In: Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security, pp. 177–188. ACM (2016)
  18. Juels, A., Rivest, R.L.: Honeywords: making password-cracking detectable. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 145–160. ACM (2013)
  19. Katz, J., Ostrovsky, R., Yung, M.: Efficient password-authenticated key exchange using human-memorable passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 475–494. Springer, Heidelberg (2001). doi: 10.1007/3-540-44987-6_29
  20. MacKenzie, P., Shrimpton, T., Jakobsson, M.: Threshold password-authenticated key exchange. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 385–400. Springer, Heidelberg (2002). doi: 10.1007/3-540-45708-9_25
  21. Mannan, M., van Oorschot, P.C.: Using a personal device to strengthen password authentication from an untrusted computer. In: Dietrich, S., Dhamija, R. (eds.) FC 2007. LNCS, vol. 4886, pp. 88–103. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-77366-5_11
  22. Ross, B., Jackson, C., Miyake, N., Boneh, D., Mitchell, J.C.: Stronger password authentication using browser extensions. In: Usenix Security, Baltimore, MD, USA, pp. 17–32 (2005)
  23. Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)
  24. Tatli, E.I.: Cracking more password hashes with patterns. IEEE Trans. Inf. Forensics Secur. 10(8), 1656–1665 (2015)

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. Koç University, İstanbul, Turkey
