Per-Session Security: Password-Based Cryptography Revisited


Ontology type: schema:Chapter     


Chapter Info

DATE

2017-08-12

AUTHORS

Grégory Demay, Peter Gaži, Ueli Maurer, Björn Tackmann

ABSTRACT

Cryptographic security is usually defined as a guarantee that holds except when a bad event with negligible probability occurs, and nothing is guaranteed in that case. However, in settings where a failure can happen with substantial probability, one needs to provide guarantees even for the bad case. A typical example is where a (possibly weak) password is used instead of a secure cryptographic key to protect a session, the bad event being that the adversary correctly guesses the password. In a situation with multiple such sessions, a per-session guarantee is desired: any session for which the password has not been guessed remains secure, independently of whether other sessions have been compromised.

Our contributions are two-fold. First, we provide a new, general technique for stating security guarantees that degrade gracefully and which could not be expressed with existing formalisms. Our method is simple, does not require new security definitions, and can be carried out in any simulation-based security framework (thus providing composability). Second, we apply our approach to revisit the analysis of password-based message authentication and of password-based (symmetric) encryption (PBE), investigating whether they provide strong per-session guarantees.

In the case of PBE, one would intuitively expect a weak form of confidentiality, where a transmitted message only leaks to the adversary once the underlying password is guessed. Indeed, we show that PBE does achieve this weak confidentiality if an upper-bound on the number of adversarial password-guessing queries is known in advance for each session. However, such local restrictions appear to be questionable in reality and, quite surprisingly, we show that in a more realistic scenario the desired per-session confidentiality is unachievable.

PAGES

408-426

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-319-66402-6_24

DOI

http://dx.doi.org/10.1007/978-3-319-66402-6_24

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1091160349



JSON-LD is the canonical representation for SciGraph data.


[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Data Format", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Ergon Informatik AG, Z\u00fcrich, Switzerland", 
          "id": "http://www.grid.ac/institutes/None", 
          "name": [
            "Ergon Informatik AG, Z\u00fcrich, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Demay", 
        "givenName": "Gr\u00e9gory", 
        "id": "sg:person.015232157523.41", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.015232157523.41"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "IOHK Research, Vienna, Austria", 
          "id": "http://www.grid.ac/institutes/None", 
          "name": [
            "IOHK Research, Vienna, Austria"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Ga\u017ei", 
        "givenName": "Peter", 
        "id": "sg:person.012620015221.67", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012620015221.67"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Department of Computer Science, ETH Z\u00fcrich, Z\u00fcrich, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.5801.c", 
          "name": [
            "Department of Computer Science, ETH Z\u00fcrich, Z\u00fcrich, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Maurer", 
        "givenName": "Ueli", 
        "id": "sg:person.01316567627.91", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.01316567627.91"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "IBM Research - Zurich, R\u00fcschlikon, Switzerland", 
          "id": "http://www.grid.ac/institutes/grid.410387.9", 
          "name": [
            "IBM Research - Zurich, R\u00fcschlikon, Switzerland"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Tackmann", 
        "givenName": "Bj\u00f6rn", 
        "id": "sg:person.07617171521.69", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.07617171521.69"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2017-08-12", 
    "datePublishedReg": "2017-08-12", 
    "description": "Cryptographic security is usually defined as a guarantee that holds except when a bad event with negligible probability occurs, and nothing is guaranteed in that case. However, in settings where a failure can happen with substantial probability, one needs to provide guarantees even for the bad case. A typical example is where a (possibly weak) password is used instead of a secure cryptographic key to protect a session, the bad event being that the adversary correctly guesses the password. In a situation with multiple such sessions, a per-session guarantee is desired: any session for which the password has not been guessed remains secure, independently of whether other sessions have been compromised.Our contributions are two-fold. First, we provide a new, general technique for stating security guarantees that degrade gracefully and which could not be expressed with existing formalisms. Our method is simple, does not require new security definitions, and can be carried out in any simulation-based security framework (thus providing composability). Second, we apply our approach to revisit the analysis of password-based message authentication and of password-based (symmetric) encryption (PBE), investigating whether they provide strong per-session guarantees.In the case of PBE, one would intuitively expect a weak form of confidentiality, where a transmitted message only leaks to the adversary once the underlying password is guessed. Indeed, we show that PBE does achieve this weak confidentiality if an upper-bound on the number of adversarial password-guessing queries is known in advance for each session. However, such local restrictions appear to be questionable in reality and, quite surprisingly, we show that in a more realistic scenario the desired per-session confidentiality is unachievable.", 
    "editor": [
      {
        "familyName": "Foley", 
        "givenName": "Simon N.", 
        "type": "Person"
      }, 
      {
        "familyName": "Gollmann", 
        "givenName": "Dieter", 
        "type": "Person"
      }, 
      {
        "familyName": "Snekkenes", 
        "givenName": "Einar", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-319-66402-6_24", 
    "inLanguage": "en", 
    "isAccessibleForFree": false, 
    "isPartOf": {
      "isbn": [
        "978-3-319-66401-9", 
        "978-3-319-66402-6"
      ], 
      "name": "Computer Security \u2013 ESORICS 2017", 
      "type": "Book"
    }, 
    "keywords": [
      "password-based encryption", 
      "session guarantees", 
      "secure cryptographic keys", 
      "new security definition", 
      "session security", 
      "message authentication", 
      "security framework", 
      "cryptographic keys", 
      "cryptographic security", 
      "security guarantees", 
      "security definitions", 
      "password", 
      "transmitted message", 
      "confidentiality", 
      "realistic scenarios", 
      "guarantees", 
      "adversary", 
      "negligible probability", 
      "worst case", 
      "general technique", 
      "security", 
      "encryption", 
      "authentication", 
      "queries", 
      "such sessions", 
      "cryptography", 
      "bad events", 
      "typical example", 
      "messages", 
      "two-fold", 
      "scenarios", 
      "framework", 
      "key", 
      "local restrictions", 
      "reality", 
      "probability", 
      "sessions", 
      "technique", 
      "formalism", 
      "example", 
      "situation", 
      "definition", 
      "method", 
      "advances", 
      "number", 
      "cases", 
      "restriction", 
      "setting", 
      "contribution", 
      "events", 
      "weak form", 
      "substantial probability", 
      "analysis", 
      "form", 
      "failure", 
      "remains", 
      "approach"
    ], 
    "name": "Per-Session Security: Password-Based Cryptography Revisited", 
    "pagination": "408-426", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1091160349"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-319-66402-6_24"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-319-66402-6_24", 
      "https://app.dimensions.ai/details/publication/pub.1091160349"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-05-20T07:43", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20220519/entities/gbq_results/chapter/chapter_212.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-319-66402-6_24"
  }
]
 


HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-66402-6_24'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-66402-6_24'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-66402-6_24'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-66402-6_24'


 

This table displays all metadata directly associated to this object as RDF triples.

156 TRIPLES      23 PREDICATES      82 URIs      75 LITERALS      7 BLANK NODES

 



