NDLI: Pleco and Plectron – Two Provably Secure Password Hashing Algorithms

Please wait, while we are loading the content...

Pleco and Plectron – Two Provably Secure Password Hashing Algorithms

Content Provider	CiteSeerX
Author	Fan, Xinxin Gong, Guang Zhu, Bo
Abstract	Password-based authentication has been widely deployed in practice due to its simplicity and efficiency. Storing pass-words and deriving cryptographic keys from passwords in a secure manner are crucial for many security systems and services. However, choices of well-studied password hashing algorithms are extremely limited, as their security require-ments and design principles are different from common cryp-tographic algorithms. In this paper, we propose two practi-cal password hashing algorithms, Pleco and Plectron. They are built upon well-understood cryptographic algo-rithms, and combine advantages of symmetric and asymmet-ric primitives. By employing the Rabin cryptosystem, we prove that the one-wayness of Pleco is at least as strong as the hard problem of integer factorization. In addition, both password hashing algorithms are designed to be sequential memory-hard, in order to thwart large-scale password crack-ing by parallel hardware, such as GPUs, FPGAs, and ASICs. Moreover, total computation and memory consumptions of Pleco and Plectron are tunable through their cost pa-rameters.
File Format	PDF
Access Restriction	Open
Subject Keyword	Well-understood Cryptographic Algo-rithms Cost Pa-rameters Password-based Authentication Integer Factorization Security Require-ments Combine Advantage Cryptographic Key Sequential Memory-hard Parallel Hardware Large-scale Password Crack-ing Well-studied Password Hashing Algorithm Practi-cal Password Many Security System Common Cryp-tographic Algorithm Secure Manner Total Computation Password Hashing Algorithm Rabin Cryptosystem Provably Secure Password Hashing Algorithm Asymmet-ric Primitive
Content Type	Text

Central Library (ISO-9001:2015 Certified)
Indian Institute of Technology Kharagpur
Kharagpur, West Bengal, India | PIN - 721302

See location in the Map
03222 282435
Mail: support@ndl.gov.in

Sl.	Authority	Responsibilities	Communication Details
1	Ministry of Education (GoI), Department of Higher Education	Sanctioning Authority	https://www.education.gov.in/ict-initiatives
2	Indian Institute of Technology Kharagpur	Host Institute of the Project: The host institute of the project is responsible for providing infrastructure support and hosting the project	https://www.iitkgp.ac.in
3	National Digital Library of India Office, Indian Institute of Technology Kharagpur	The administrative and infrastructural headquarters of the project	Dr. B. Sutradhar bsutra@ndl.gov.in
4	Project PI / Joint PI	Principal Investigator and Joint Principal Investigators of the project	Dr. B. Sutradhar bsutra@ndl.gov.in Prof. Saswat Chakrabarti will be added soon
5	Website/Portal (Helpdesk)	Queries regarding NDLI and its services	support@ndl.gov.in
6	Contents and Copyright Issues	Queries related to content curation and copyright issues	content@ndl.gov.in
7	National Digital Library of India Club (NDLI Club)	Queries related to NDLI Club formation, support, user awareness program, seminar/symposium, collaboration, social media, promotion, and outreach	clubsupport@ndl.gov.in
8	Digital Preservation Centre (DPC)	Assistance with digitizing and archiving copyright-free printed books	dpc@ndl.gov.in
9	IDR Setup or Support	Queries related to establishment and support of Institutional Digital Repository (IDR) and IDR workshops	idr@ndl.gov.in