An Oblivious Password Cracking Server
Date: August 2012
Publication: Anales del WSegI 2011 Workshop de Seguridad Informática
Source 1: http://arxiv.org/pdf/1307.8186v1.pdf
Source 2: http://corelabs.coresecurity.com/index.php?module=Wiki&action=attachment&type=publication&page=An_Oblivious_Password_Cracking_Server&file=paper_jaiio.pdf
Building a password cracking server that preserves the privacy of the queries made to the server is a problem that has not yet been solved. Such a server could acquire practical relevance in the future: for instance, the tables used to crack the passwords could be calculated, stored and hosted in cloud-computing services, and could be queried from devices with limited computing power.
In this paper we present a method to preserve the confidentiality of a password cracker|wherein the tables used to crack the passwords are stored by a third party|by combining Hellman tables and Private Information Retrieval (PIR) protocols. We provide the technical details of this method, analyze its complexity, and show the experimental results obtained with our implementation.
Do you have additional information to contribute regarding this research paper? If so, please email firstname.lastname@example.org with the details.