Cryptology ePrint Archive: Report 2017/917

A practical, perfectly secure password scheme in the bounded retrieval model

Moses Liskov

Abstract: In this paper, we present a practical password scheme due to Spilman, which is perfectly secure in the bounded retrieval model, assuming ideal hash functions. The construction is based on a hash-like function com- puted by a third party “facilitator”. The facilitator is trusted, and security derives from the facilitator’s long random secret, although the adversary is assumed to be able to retrieve a large fraction of that secret.

Unlike the traditional “salted and hashed password” approach, this scheme is secure against an adversary capable of performing brute force dictionary attacks offline. The key security property for the facilitator function is a form of uncloneability, that prevents the adversary from calculating function values offline.

Category / Keywords: secret-key cryptography /

Date: received 20 Sep 2017

Contact author: mliskov at mitre org

Available format(s): PDF | BibTeX Citation

Version: 20170924:221631 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]