Master Thesis Presentation Marius Frinken: “Password-based Secure Cloud Storage”
On 27 May 2021 at 16:00 CET, Marius Frinken will present his master thesis titled “Password-based Secure Cloud Storage”.
You can join the Zoom meeting using the details provided here.
Using a cloud storage service like Dropbox is currently the defacto standard for sharing files over the Internet. Passwords are currently the dominating authentication method for such services. Cloud services that offer end-to-end encryption like tresorit mostly rely on hashing the user-chosen password to authenticate the user and simultaneously derive the necessary encryption keys. This exposes this type of system to offline brute-force attacks; a stolen database of password hashes allows an attacker to systematically guess the password while being unattached to the system. The newly developed password-hardened encryption (PHE) approach eliminates this attack surface while strictly limiting online guessing attempts. In this thesis, we explore how PHE can be utilized to create a secure and efficient password-based cloud sharing system. We explore what notions of security are feasible within such a system and provide a construction that meets our demands. The security and the efficiency of this construction is fundamentally analyzed and discussed in detail.