Hidden credential retrieval from a reusable password

Proceedings of the 4th International Symposium on ACM Symposium on Information, Computer and Communications Security, ASIACCS'09

Volumn , Issue , 2009, Pages 228-238

  Boyen, Xavier ^a  

^a STANFORD UNIVERSITY   (United States)

Author keywords

Online authentication; Partially trusted servers; Reusable passwords; Stateless roaming credentials

Indexed keywords

BLIND SIGNATURES; COMPREHENSIVE MODEL; HIDDEN CREDENTIALS; LIMITED MEMORY; OFFLINE; OFFLINE PASSWORDS; ONLINE AUTHENTICATION; ORACLE MODEL; PLAINTEXT; SIMPLE PROTOCOL; SINGLE SIGN ON; USER-CENTRIC;

AUTHENTICATION; ELECTRIC EQUIPMENT PROTECTION; INTERNET PROTOCOLS; SERVERS;

COMPUTER SOFTWARE REUSABILITY;

EID: 77952372954     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1533057.1533089     Document Type: Conference Paper

References (46)

1. Michel Abdalla, Mihir Bellare, Dario Catalano, Eike Kiltz, Tadayoshi Kohno, Tanja Lange, John Malone Lee, Gregory Neven, Pascal Paillier, and Haixia Shi. Searchable encryption revisited: Consistency properties, relation to anonymous IBE, and extensions. In Advances in Cryptology-CRYPTO 2005, pages 205-22, 2005.
2. Mihir Bellare and Silvio Micali. Non-interactive oblivious transfer and applications. In Advances in Cryptology-CRYPTO 1989, pages 547-57, 1989.
3. Mihir Bellare, David Pointcheval, and Philip Rogaway. Authenticated key exchange secure against dictionary attacks. In Advances in Cryptology-EUROCRYPT 2000, pages 139-55, 2000.
4. Steven M. Bellovin and Michael Merritt. Encrypted key exchange: Password-based protocols secure against dictionary attacks. In IEEE Symposium on Security and Privacy-SP 1992, pages 72-84, 1992.
5. Steven M. Bellovin and Michael Merritt. Augmented encrypted key exchange. In ACM Conference on Computer and Communications Security-CCS 1993, pages 224-50, 1993.
6. Charles H. Bennett, Gilles Brassard, Claude Crépeau, and M.-H. Skubiszewska. Practical quantum oblivious transfer. In Advances in Cryptology-CRYPTO 1991, pages 351-66, 1991.
7. Ian F. Blake, Gadiel Seroussi, and Nigel P. Smart, editors. Advances in Elliptic Curve Cryptography, volume 317 of London Mathematical Society Lecture Note Series. Cambridge University Press, 2005.
8. Simon Blake-Wilson, Don Johnson, and Alfred Menezes. Key agreement protocols and their security analysis. In Proceedings of the Sixth IMA International Conference on Cryptography and Coding, pages 30-45, 1997.
9. Alexandra Boldyreva. Threshold signatures, multisignatures and blind signatures based on the gap-Diffie-Hellman-group signature scheme. In Public Key Cryptography-PKC 2003, pages 31-46, 2003.
10. Dan Boneh, Giovanni Di Crescenzo, Rafail Ostrovsky, and Giuseppe Persiano. Public key encryption with keyword search. In Advances in Cryptology-EUROCRYPT 2004, pages 506-22, 2004.
11. Dan Boneh, Eyal Kushilevitz, Rafail Ostrovsky, and W. Skeith. Public key encryption that allows PIR queries. In Advances in Cryptology-CRYPTO 2007, pages 50-67, 2007.
12. Dan Boneh, Ben Lynn, and Hovav Shacham. Short signatures from the Weil pairing. In Advances in Cryptology-ASIACRYPT 2001, pages 514-32, 2001. (Pubitemid 33371204)
13. Xavier Boyen. Halting password puzzles - hard-to-break encryption from human-memorable keys. In 16th USENIX Security Symposium-SECURITY 2007, pages 119-134. The USENIX Association, 2007.
14. Xavier Boyen and Brent Waters. Anonymous hierarchical identity-based encryption (without random oracles). In Advances in Cryptology-CRYPTO 2006, pages 290-307, 2006. (Pubitemid 44532122)
15. Victor Boyko, Philip MacKenzie, and Sarvar Patel. Provably secure password-authenticated key exchange using Diffie-Hellman. In Advances in Cryptology-EUROCRYPT 2000, 2000.
16. Gilles Brassard, Claude Crépeau, and Jean-Marc Robert. All-or-nothing disclosure of secrets. In Advances in Cryptology-CRYPTO 1986, pages 234-38, 1986.
17. Christian Cachin, Silvio Micali, and Michael Stadler. Computationally private information retrieval with polylogarithmic communication. In Advances in Cryptology-EUROCRYPT 1999, pages 402-14, 1999.
18. Jan Camenisch, Gregory Neven, and abhi shelat. Simulatable adaptive oblivious transfer. In Advances in Cryptology-EUROCRYPT 2007, pages 573-90, 2007.
19. Ran Canetti, Shai Halevi, Jonathan Katz, Yehuda Lindell, and Philip MacKenzie. Universally composable password-based key exchange. In Advances in Cryptology-EUROCRYPT 2005, pages 404-21, 2005.
20. Ran Canetti and Hugo Krawczyk. Analysis of key-exchange protocols and their use for building secure channels. In Advances in Cryptology-EUROCRYPT 2001, pages 453-74, 2001.
21. David Chaum. Blind signatures for untraceable payments. In Advances in Cryptology-CRYPTO 1982, pages 199-203, 1982.
22. Benny Chor, Oded Goldreich, Eyal Kushilevitz, and Madhu Sudan. Private information retrieval. In IEEE Symposium on Foundations of Computer Science-FOCS 1995, pages 41-51, 1995.
23. Yevgeniy Dodis and Adam Smith. Entropic security and the encryption of high-entropy messages. In Theory of Cryptography Conference-TCC 2005, 2005.
24. Shimon Even, Oded Goldreich, and Abraham Lempel. A randomized protocol for signing contracts. In Advances in Cryptology-CRYPTO 1982, pages 205-10, 1982.
25. D. Florencio and Cormac Herley. Klassp: Entering passwords on a spyware infected machine using a shared-secret proxy. In Proc. ACSAC 2006, 2006.
26. Warwick Ford and Burton S. Kaliski Jr. Server-assisted generation of a strong secret from a password. In Proc. IEEE 9th Int. Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, pages 176-80. IEEE Press, 2000.
27. Steven Galbraith, Kenneth Paterson, and Nigel Smart. Pairings for cryptographers. Cryptology ePrint Archive, Report 2006/165, 2006.
28. Craig Gentry, Philip MacKenzie, and Zulfikar Ramzan. Password authenticated key exchange using hidden smooth subgroups. In ACM Conference on Computer and Communications Security-CCS 2005, pages 299-309. ACM Press, 2005.
29. Craig Gentry, Philip MacKenzie, and Zulfikar Ramzan. A method for making password-based key exchange resilient to server compromise. In Advances in Cryptology-CRYPTO 2006, LNCS, pages 142-59. Springer-Verlag, 2006.
30. Oded Goldreich, Silvio Micali, and Avi Wigderson. How to play any mental game or a completeness theorem for protocols with honest majority. In ACM Symposium on Theory of Computing-STOC 1987, pages 218-29, 1987.
31. Matthew Green and Susan Hohenberger. Blind identity-based encryption and simulatable oblivious transfer. In Advances in Cryptology-ASIACRYPT 2007, 2007.
32. Shai Halevi and Yael Tauman Kalai. Smooth projective hashing and two-message oblivious transfer. Cryptology ePrint Archive, Report 2007/118, 2007.
33. Shai Halevi and Hugo Krawczyk. Public-key cryptography and password protocols. In ACM Conference on Computer and Communications Security-CCS 1998, pages 122-31. ACM Press, 1998.
34. D. N. Hoover and B. N. Kausik. Software smart cards via cryptographic camouflage. In IEEE Symposium on Security and Privacy-SP 1999, 1999.
35. Jonathan Katz and Rafail Ostrovsky. Round-optimal secure two-party computation. In Advances in Cryptology-CRYPTO 2004, pages 335-54, 2004.
36. Jonathan Katz, Rafail Ostrovsky, and Moti Yung. Efficient password-authenticated key exchange using human-memorable passwords. In Advances in Cryptology-CRYPTO 2001, 2001.
37. Joe Kilian. Founding cryptography on oblivious transfer. In ACM Symposium on Theory of Computing-STOC 1988, pages 20-31, 1988.
38. Kaoru Kurosawa and W. Ogata. Oblivious keyword search. Journal of Complexity, 20 (2-3):356-71, 2004.
39. Helger Lipmaa. An oblivious transfer protocol with log-squared communication. Cryptology ePrint Archive, Report 2004/063, 2004.
40. Moni Naor and Benny Pinkas. Oblivious transfer with adaptive queries. In Advances in Cryptology-CRYPTO 1999, pages 573-90, 1999.
41. Moni Naor and Benny Pinkas. Efficient oblivious transfer protocols. In Symposium on Discrete Algorithms-SODA 2001, pages 448-57, 2001.
42. Andreas Pashalidis. http://www.kyps.net, 2007.
43. Andreas Pashalidis and Chris J. Mitchell. Impostor: a single sign-on system for use from untrusted devices. In Proc. IEEE Globecom 2004, 2004.
44. Michael Rabin. How to exchange secrets by oblivious transfer. Technical Report TR-81, Harvard University, Aiken Computation Laboratory, 1981.
45. A. Russell and Y. Wang. How to fool an unbounded adversary with a short key. In Advances in Cryptology-EUROCRYPT 2002, 2002.
46. Andrew Yao. How to generate and exchange secrets. In IEEE Symposium on Foundations of Computer Science-FOCS 1986, pages 162-67, 1986.