Paper 2006/364
Spelling-Error Tolerant, Order-Independent Pass-Phrases via the Damerau-Levenshtein String-Edit Distance Metric
Gregory V. Bard
Abstract
It is well understood that passwords must be very long and complex to
have sufficient entropy for security purposes. Unfortunately, these
passwords tend to be hard to memorize, and so alternatives are
sought. Smart Cards, Biometrics, and Reverse Turing Tests (human-only
solvable puzzles) are options, but another option is to use
pass-phrases.
This paper explores methods for making pass-phrases suitable for use
with password-based authentication and key-exchange (PAKE) protocols,
and in particular, with schemes resilient to server-file
compromise. In particular, the
Metadata
- Available format(s)
- Category
- Applications
- Publication info
- Published elsewhere. Full version of paper appearing in the Proceedings of the Australasian Information Security and Privacy Workshop
- Keywords
- PasswordsPassword-Based Authenticated Key ExchangePAKEUsable Security
- Contact author(s)
- gregory bard @ ieee org
- History
- 2006-11-03: received
- Short URL
- https://ia.cr/2006/364
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2006/364, author = {Gregory V. Bard}, title = {Spelling-Error Tolerant, Order-Independent Pass-Phrases via the Damerau-Levenshtein String-Edit Distance Metric}, howpublished = {Cryptology {ePrint} Archive, Paper 2006/364}, year = {2006}, url = {https://eprint.iacr.org/2006/364} }