Vortrag von Ruben Baecker: „Securing Passwords against Offline Dictionary Attacks“

Symbolbild zum Artikel. Der Link öffnet das Bild in einer großen Anzeige.

Am 19. Mai 2022 um 12 Uhr hält Ruben Baecker einen Vortrag zum Thema „Securing Passwords against Offline Dictionary Attacks“.

Zur Teilnahme via Zoom verwenden Sie die folgenden Daten:

https://fau.zoom.us/j/67341956588?pwd=a3VMUjQ4V1JUSDZuN2FnTk1IUWVJQT09

Meeting-ID: 673 4195 6588
Kenncode: 209122

Unten stehend finden Sie die Kurzfassung des Vortrags in englischer Sprache.

Abstract:

Passwords remain the prevailing means of authentication on the internet despite their shortcomings regarding security. Most often passwords are short, predictable, and reused among multiple services. Data breaches, where the authentication data of a login server is leaked, open the door for dictionary attacks that, if successful, might lead the attacker to personal information or even payment data.

The attempt to replace passwords as the predominant form of authentication has failed so far. Therefore, it is the task of cryptographers to find a way to make passwords more secure, even if a user chooses a weak password. In this thesis, we take a look at three families of schemes and their security definitions, that try to solve this problem.

A “Threshold Single Password Authentication” (TSPA) scheme enhances the user authentication to a login server with a password, a “Password Protected Secret Sharing” (PPSS) scheme enables a user to secret share data among multiple servers protected with a password, and a “Password to Random” (PTR) scheme aims to solve the general problem of transforming a low-entropy password into a high-entropy string. Although they all solve different problems, in the end, they have the same objective, namely protecting passwords against dictionary attacks. We furthermore give an overview of the concrete constructions from publications from the last decades and investigate the state-of-the-art constructions from each protocol family. Despite the similarities of their constructions, subtle differences in their security definitions separate the protocol families from each other.