Permutation-Based Hash Chains with Application to Password Hashing
Abstract: Hash chain based password systems are a useful way to guarantee authentication with one-time passwords. The core idea dates back to Lamport, and is specified in RFC 1760 as S/Key. At CCS 2017, Kogan et al. introduced T/Key, an improved password system where one-time passwords are only valid for a limited time period. They proved security of their construction in the random oracle model under a basic modeling of the adversary. In this work, we make various advances in the analysis and instantiation of hash chain based password systems. Firstly, we describe a slight abstraction called U/Key that allows for more flexibility in the instantiation and analysis, and we develop a security model that refines the adversarial strength into offline and online complexity, that can be used beyond the random oracle model, and that allows to argue multi-user security directly. Secondly, we derive a new security proof of U/Key in the random oracle model, as well as dedicated and tighter security pr.... https://ojs.ub.rub.de/index.php/ToSC/article/view/11955
- Location
-
Deutsche Nationalbibliothek Frankfurt am Main
- Extent
-
Online-Ressource
- Language
-
Englisch
- Bibliographic citation
-
Permutation-Based Hash Chains with Application to Password Hashing ; volume:2024 ; number:4 ; year:2024
IACR transactions on symmetric cryptology ; 2024, Heft 4 (2024)
- Creator
-
Lefevre, Charlotte
Mennink, Bart
- DOI
-
10.46586/tosc.v2024.i4.249-286
- URN
-
urn:nbn:de:101:1-2412181758586.739249015063
- Rights
-
Open Access; Der Zugriff auf das Objekt ist unbeschränkt möglich.
- Last update
-
15.08.2025, 7:29 AM CEST
Data provider
Deutsche Nationalbibliothek. If you have any questions about the object, please contact the data provider.
Associated
- Lefevre, Charlotte
- Mennink, Bart
Other Objects (12)
Permutation-Based Hashing Beyond the Birthday Bound
Deep Hashing with Hash Center Update for Efficient Image Retrieval
mvHash-B - a new approach for similarity preserving hashing
Lightweight AEAD and hashing using the sparkle permutation family
Enter password: recovery : re-enter password
Enter password : Recovery : Re-enter password
HASH
bloomRF: On performing range-queries in Bloom-Filters with piecewise-monotone hash functions and prefix hashing
Load thresholds for cuckoo hashing with double hashing
HaSH
SIR HASH
haSh
Permutation-Based Hashing Beyond the Birthday Bound
Deep Hashing with Hash Center Update for Efficient Image Retrieval
mvHash-B - a new approach for similarity preserving hashing
Lightweight AEAD and hashing using the sparkle permutation family
Enter password: recovery : re-enter password
Enter password : Recovery : Re-enter password
HASH
bloomRF: On performing range-queries in Bloom-Filters with piecewise-monotone hash functions and prefix hashing
Load thresholds for cuckoo hashing with double hashing
HaSH
SIR HASH
haSh
Permutation-Based Hashing Beyond the Birthday Bound
Deep Hashing with Hash Center Update for Efficient Image Retrieval
mvHash-B - a new approach for similarity preserving hashing
Lightweight AEAD and hashing using the sparkle permutation family
Enter password: recovery : re-enter password
Enter password : Recovery : Re-enter password
HASH
bloomRF: On performing range-queries in Bloom-Filters with piecewise-monotone hash functions and prefix hashing
Load thresholds for cuckoo hashing with double hashing
HaSH
SIR HASH