30
views
0
recommends
+1 Recommend
0 collections
    0
    shares
      • Record: found
      • Abstract: found
      • Article: found
      Is Open Access

      AuthStore: Password-based Authentication and Encrypted Data Storage in Untrusted Environments

      Preprint
      ,

      Read this article at

      Bookmark
          There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

          Abstract

          Passwords are widely used for client to server authentication as well as for encrypting data stored in untrusted environments, such as cloud storage. Both, authentication and encrypted cloud storage, are usually discussed in isolation. In this work, we propose AuthStore, a flexible authentication framework that allows users to securely reuse passwords for authentication as well as for encrypted cloud storage at a single or multiple service providers. Users can configure how secure passwords are protected using password stretching techniques. We present a compact password-authenticated key exchange protocol (CompactPAKE) that integrates the retrieval of password stretching parameters. A parameter attack is described and we show how existing solutions suffer from this attack. Furthermore, we introduce a password manager that supports CompactPAKE.

          Related collections

          Most cited references16

          • Record: found
          • Abstract: not found
          • Book Chapter: not found

          Authenticated Key Exchange Secure against Dictionary Attacks

            Bookmark
            • Record: found
            • Abstract: not found
            • Conference Proceedings: not found

            A large-scale study of web password habits

              Bookmark
              • Record: found
              • Abstract: not found
              • Article: not found

              Password memorability and security: empirical results

                Bookmark

                Author and article information

                Journal
                14 May 2018
                Article
                1805.05033
                cb62fb3b-d8f1-460b-a3bb-9c4b20542740

                http://creativecommons.org/licenses/by-nc-sa/4.0/

                History
                Custom metadata
                8 pages, 3 figures, 1 table
                cs.CR

                Security & Cryptology
                Security & Cryptology

                Comments

                Comment on this article