The dramatic increase in headline-grabbing cyberattacks in recent years has made it alarmingly clear that traditional security solutions no longer suffice to protect user data in general and passwords in particular.
It is often claimed that passwords are broken and we should stop using them altogether. We are convinced that this is not true. In our view, passwords are just used incorrectly.
If appropriate cryptographic techniques are applied, passwords are a secure and usable means of authentication.
Therefore, we have developed various cryptographic protocols to restore the security of passwords. One such protocol enables distributed password verification, which makes it significantly more difficult for criminals to steal password databases.
Distributed password verification
At IBM Research – Zurich, we recently developed a highly efficient and provably secure cryptographic protocol for protecting user passwords against server compromise. The protocol distributes the information required for password verification over multiple servers, so that an attacker has to compromise all of the involved servers simultaneously before the passwords are at risk. In particular, the passwords are stored in such a way that they remain secure even if the corresponding database is stolen.
The problem with passwords
The conventional way to authenticate users by password is to salt and hash the user-provided password attempt and compare the result against the corresponding hash value stored in a database.
Security through collaboration
With our distributed password verification protocol, the password hash is still stored centrally in a service provider’s database.
Quick recovery from breaches
If a breach of one of the involved servers is detected or suspected, a clever key refresh can be performed that replaces the server keys with new ones, and the system returns to a secure state without the passwords ever having been at risk.
Simpler passwords can become secure
Complicated password rules force users to choose long and complex passwords because this makes offline attacks on password hash databases less likely to succeed.
User-specific document encryption
In addition to the security advantage our protocol provides, it also allows users to derive a user-specific cryptographic key that depends on the user's password.
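To make the ideas above concrete (distributed verification, key refresh after a breach, and a password-derived user key), here is an added Python sketch that is not IBM's protocol or prototype: the verification key k is split additively across key servers, the login server blinds the hashed password so no key server ever sees it, the central record stores only a hash of H(pw)^k, and a proactive refresh re-randomises the shares without changing k. The group Z_p^* with p = 2^521 - 1, the hash-to-group mapping and all names are assumptions chosen for illustration, not vetted parameters.

```python
import hashlib
import math
import secrets

# Toy parameters for illustration only: p = 2**521 - 1 is a Mersenne prime, but
# Z_p^* with this p is not a vetted group, and this is not IBM's actual protocol.
P = 2**521 - 1
ORDER = P - 1  # all exponents are reduced modulo the order of Z_p^*

def hash_to_group(salt, password):  # simplified hash-to-group, avoids 0, 1, p-1
    digest = hashlib.sha512(salt + password.encode()).digest()
    return 2 + int.from_bytes(digest, "big") % (P - 3)

class KeyServer:  # back-end server holding one additive share k_i of k = sum(k_i)
    def __init__(self):
        self.share = secrets.randbelow(ORDER)
    def evaluate(self, blinded):
        return pow(blinded, self.share, P)  # the server only ever sees blinded input

def distributed_prf(servers, salt, password):
    """Login server obtains H(pw)^k; no single server learns pw, H(pw) or k."""
    r = secrets.randbelow(ORDER - 2) + 2
    while math.gcd(r, ORDER) != 1:  # r must be invertible modulo ORDER to unblind
        r = secrets.randbelow(ORDER - 2) + 2
    blinded = pow(hash_to_group(salt, password), r, P)
    acc = 1
    for s in servers:
        acc = acc * s.evaluate(blinded) % P  # product of x^(r*k_i) equals x^(r*k)
    return pow(acc, pow(r, -1, ORDER), P).to_bytes(66, "big")  # unblind: x^k

def enroll(servers, password):  # central record: salt plus a hash of H(pw)^k
    salt = secrets.token_bytes(16)
    return salt, hashlib.sha256(b"verify" + distributed_prf(servers, salt, password)).digest()

def verify(servers, record, attempt):
    salt, stored = record
    got = hashlib.sha256(b"verify" + distributed_prf(servers, salt, attempt)).digest()
    return secrets.compare_digest(got, stored)

def derive_user_key(servers, record, password):
    """User-specific key, domain-separated from the verifier: a stolen record
    alone yields neither the password nor this key."""
    return hashlib.sha256(b"key" + distributed_prf(servers, record[0], password)).digest()

def refresh_keys(servers):
    """Proactive refresh: new shares with the same sum k, so stored records stay
    valid while any share stolen before the refresh becomes useless."""
    deltas = [secrets.randbelow(ORDER) for _ in servers[:-1]]
    deltas.append(-sum(deltas) % ORDER)
    for s, d in zip(servers, deltas):
        s.share = (s.share + d) % ORDER
```

Because the stored record is only meaningful together with the key servers, an attacker holding the database alone has nothing to run an offline guessing attack against, which is the property the passage above relies on.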
Prototype implementation
If you are interested in our protocol, don’t hesitate to contact us. We have a highly efficient prototype implementation of our protocol readily available, and it is easy to integrate into existing infrastructures.
Contacts
Michael Osborne
Manager, Foundational Cryptography and Quantum-safe Cloud & Systems
Julia Hesse
IBM Research scientist