Password-based Encryption Analyzed

Martin Abadi; Bogdan Warinschi

Password-based Encryption Analyzed

Martin Abadi, Bogdan Warinschi

Cryptography and Information Security

Research output: Chapter in Book/Report/Conference proceeding › Conference Contribution (Conference Proceeding)

22 Citations (Scopus)

Abstract

The use of passwords in security protocols is particularly delicate because of the possibility of off-line guessing attacks. We study password-based protocols in the context of a recent line of research that aims to justify symbolic models in terms of more concrete, computational ones. We offer two models for reasoning about the concurrent use of symmetric, asymmetric, and password-based encryption in protocol messages. In each of the models we define a notion of equivalence between messages and also characterize when passwords are used securely in a message or in a set of messages. Our new definition for the computational security of password-based encryption may be of independent interest. The main results of this paper are two soundness theorems. We show that under certain (standard) assumptions about the computational implementation of the cryptographic primitives, symbolic equivalence implies computational equivalence. More importantly, we prove that symbolically secure uses of passwords are also computationally secure.

Translated title of the contribution	Password-based Encryption Analyzed
Original language	English
Title of host publication	Internation Colloqium on Automata, Languages and Programming - ICALP 2005
Publisher	Springer Berlin Heidelberg
Pages	664-676
Volume	3580
Publication status	Published - 2005

Bibliographical note

Other page information: 664-676
Conference Proceedings/Title of Journal: Internation Colloqium on Automata, Languages and Programming -- ICALP'05
Other identifier: 2000654

Access to Document

http://www.cs.bris.ac.uk/Publications/pub_master.jsp?id=2000654

Handle.net

Persistent link

Cite this

@inproceedings{1d737fbf31254291a21e139965231342,

title = "Password-based Encryption Analyzed",

abstract = "The use of passwords in security protocols is particularly delicate because of the possibility of off-line guessing attacks. We study password-based protocols in the context of a recent line of research that aims to justify symbolic models in terms of more concrete, computational ones. We offer two models for reasoning about the concurrent use of symmetric, asymmetric, and password-based encryption in protocol messages. In each of the models we define a notion of equivalence between messages and also characterize when passwords are used securely in a message or in a set of messages. Our new definition for the computational security of password-based encryption may be of independent interest. The main results of this paper are two soundness theorems. We show that under certain (standard) assumptions about the computational implementation of the cryptographic primitives, symbolic equivalence implies computational equivalence. More importantly, we prove that symbolically secure uses of passwords are also computationally secure. ",

author = "Martin Abadi and Bogdan Warinschi",

note = "Other page information: 664-676 Conference Proceedings/Title of Journal: Internation Colloqium on Automata, Languages and Programming -- ICALP'05 Other identifier: 2000654",

year = "2005",

language = "English",

volume = "3580",

pages = "664--676",

booktitle = "Internation Colloqium on Automata, Languages and Programming - ICALP 2005",

publisher = "Springer Berlin Heidelberg",

address = "Germany",

}

TY - GEN

T1 - Password-based Encryption Analyzed

AU - Abadi, Martin

AU - Warinschi, Bogdan

N1 - Other page information: 664-676 Conference Proceedings/Title of Journal: Internation Colloqium on Automata, Languages and Programming -- ICALP'05 Other identifier: 2000654

PY - 2005

Y1 - 2005

N2 - The use of passwords in security protocols is particularly delicate because of the possibility of off-line guessing attacks. We study password-based protocols in the context of a recent line of research that aims to justify symbolic models in terms of more concrete, computational ones. We offer two models for reasoning about the concurrent use of symmetric, asymmetric, and password-based encryption in protocol messages. In each of the models we define a notion of equivalence between messages and also characterize when passwords are used securely in a message or in a set of messages. Our new definition for the computational security of password-based encryption may be of independent interest. The main results of this paper are two soundness theorems. We show that under certain (standard) assumptions about the computational implementation of the cryptographic primitives, symbolic equivalence implies computational equivalence. More importantly, we prove that symbolically secure uses of passwords are also computationally secure.

AB - The use of passwords in security protocols is particularly delicate because of the possibility of off-line guessing attacks. We study password-based protocols in the context of a recent line of research that aims to justify symbolic models in terms of more concrete, computational ones. We offer two models for reasoning about the concurrent use of symmetric, asymmetric, and password-based encryption in protocol messages. In each of the models we define a notion of equivalence between messages and also characterize when passwords are used securely in a message or in a set of messages. Our new definition for the computational security of password-based encryption may be of independent interest. The main results of this paper are two soundness theorems. We show that under certain (standard) assumptions about the computational implementation of the cryptographic primitives, symbolic equivalence implies computational equivalence. More importantly, we prove that symbolically secure uses of passwords are also computationally secure.

M3 - Conference Contribution (Conference Proceeding)

VL - 3580

SP - 664

EP - 676

BT - Internation Colloqium on Automata, Languages and Programming - ICALP 2005

PB - Springer Berlin Heidelberg

ER -

Password-based Encryption Analyzed

Abstract

Bibliographical note

Access to Document

Handle.net

Fingerprint

Cite this