Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CTRSA
2005
Springer
2005
Springer
Proofs for Two-Server Password Authentication
Traditional password-based authentication and key-exchange protocols suffer from the simple fact that a single server stores the sensitive user password. In practice, when such a server is compromised, a large number of user passwords, (usually password hashes) are exposed at once. A natural solution involves splitting password between two or more servers. This work formally models the basic security requirement for two-server password authentication protocols, and in this framework provides concrete security proofs for two protocols. The first protocol considered [7] appeared at USENIX’03, but contained no security proof. For this protocol, we provide a concrete reduction to the computational Diffie-Hellman problem in the random oracle model. Next we present a second protocol, based on the same hard problem, but which is simpler, and has an easier, tighter reduction proof. Key words: password authentication, secret sharing, concrete security reduction
Real-time TrafficRelated Content
| Added | 26 Jun 2010 |
| Updated | 26 Jun 2010 |
| Type | Conference |
| Year | 2005 |
| Where | CTRSA |
| Authors | Michael Szydlo, Burton S. Kaliski Jr. |
Comments (0)
Researcher Info
|
