Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
IACR
2016
2016
Per-Session Security: Password-Based Cryptography Revisited
Cryptographic security is usually defined as some form of guarantee that holds except when a bad event with negligible probability occurs, and nothing is guaranteed in that case. However, in settings where such failure can happen with substantial probability, one needs to provide guarantees even for the bad case. A typical example is where a (possibly weak) password is used instead of an unguessable cryptographic key to protect a session, the bad event being that the adversary correctly guesses the password. In a situation with multiple such sessions, a per-session guarantee is desired: any session for which the password has not been guessed remains secure, independently of whether other sessions have been compromised. In particular, a user with a very strong password enjoys the full security guarantees of an analysis in which passwords are replaced by uniform cryptographic keys. Our contributions are two-fold. First, we provide a new, general technique for stating security guarantees...
Real-time TrafficBiometrics | IACR 2016 |
| Added | 03 Apr 2016 |
| Updated | 03 Apr 2016 |
| Type | Journal |
| Year | 2016 |
| Where | IACR |
| Authors | Grégory Demay, Peter Gazi, Ueli Maurer, Björn Tackmann |
Comments (0)
Researcher Info
|
