Talk by Ruben Baecker: “Securing Passwords against Offline Dictionary Attacks”

Symbolic picture for the article. The link opens the image in a large view.

On 19. May 2022 at 12:00 CEST, Ruben Baecker will give a talk titled „Securing Passwords against Offline Dictionary Attacks“.

You can join the Zoom meeting using the following details:

https://fau.zoom.us/j/67341956588?pwd=a3VMUjQ4V1JUSDZuN2FnTk1IUWVJQT09

Meeting-ID: 673 4195 6588
Passcode: 209122

Abstract:

Passwords remain the prevailing means of authentication on the internet despite their shortcomings regarding security. Most often passwords are short, predictable, and reused among multiple services. Data breaches, where the authentication data of a login server is leaked, open the door for dictionary attacks that, if successful, might lead the attacker to personal information or even payment data.

The attempt to replace passwords as the predominant form of authentication has failed so far. Therefore, it is the task of cryptographers to find a way to make passwords more secure, even if a user chooses a weak password. In this thesis, we take a look at three families of schemes and their security definitions, that try to solve this problem.

A “Threshold Single Password Authentication” (TSPA) scheme enhances the user authentication to a login server with a password, a “Password Protected Secret Sharing” (PPSS) scheme enables a user to secret share data among multiple servers protected with a password, and a “Password to Random” (PTR) scheme aims to solve the general problem of transforming a low-entropy password into a high-entropy string. Although they all solve different problems, in the end, they have the same objective, namely protecting passwords against dictionary attacks. We furthermore give an overview of the concrete constructions from publications from the last decades and investigate the state-of-the-art constructions from each protocol family. Despite the similarities of their constructions, subtle differences in their security definitions separate the protocol families from each other.