Stronger Password-Based Encryption Using I/O Hardness
Author(s): Greg Zaverucha

Date: August 2015
Publication: Passwords15 Las Vegas / MSR-TR-2015-63
Source 1: http://research.microsoft.com/pubs/252097/pbe.pdf

Abstract or Summary:
Password-based encryption needs all the help it can get to withstand brute-force attacks. We repurpose an old idea to encrypt data so that each password guess requires processing all of the encrypted data. Then, we'll look at some use cases to see how the costs change for the attacker and defender. In a brute force attack, this can mean a large increase in attacker I/O, with little cost increase to defenders, who must process all of the data anyway.

PasswordResearch.com Note: Video of presentation: https://www.youtube.com/watch?v=LveLewyqTt8 Technical report uses slightly different title of "Stronger Password-Based Encryption Using All-of-Nothing Transforms"


Do you have additional information to contribute regarding this research paper? If so, please email siteupdates@passwordresearch.com with the details.

<-- Back to Authentication Research Paper Index





[Home] [About Us] [News] [Research]

Copyright © 2016 PasswordResearch.com