Sciweavers

CRYPTO
2006
Springer

Mitigating Dictionary Attacks on Password-Protected Local Storage

14 years 3 months ago
Mitigating Dictionary Attacks on Password-Protected Local Storage
We address the issue of encrypting data in local storage using a key that is derived from the user's password. The typical solution in use today is to derive the key from the password using a cryptographic hash function. This solution provides relatively weak protection, since an attacker that gets hold of the encrypted data can mount an off-line dictionary attack on the user's password, thereby recovering the key and decrypting the stored data. We propose an approach for limiting off-line dictionary attacks in this setting without relying on secret storage or secure hardware. In our proposal, the process of deriving a key from the password requires the user to solve a puzzle that is presumed to be solvable only by humans (e.g, a CAPTCHA). We describe a simple protocol using this approach: many different puzzles are stored on the disk, the user's password is used to specify which of them need to be solved, and the encryption key is derived from the password and the solu...
Ran Canetti, Shai Halevi, Michael Steiner
Added 20 Aug 2010
Updated 20 Aug 2010
Type Conference
Year 2006
Where CRYPTO
Authors Ran Canetti, Shai Halevi, Michael Steiner
Comments (0)