nach oben

Journal of Cryptographic Engineering

Erschienen in:

01.06.2014 | Regular Paper

Lyra: password-based key derivation with tunable memory and processing costs

verfasst von: Leonardo C. Almeida, Ewerton R. Andrade, Paulo S. L. M. Barreto, Marcos A. Simplicio Jr

Erschienen in: Journal of Cryptographic Engineering | Ausgabe 2/2014

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

We present Lyra, a password-based key derivation scheme based on cryptographic sponges. Lyra was designed to be strictly sequential (i.e., not easily parallelizable), providing strong security even against attackers that use multiple processing cores (e.g., custom hardware or a powerful GPU). At the same time, it is very simple to implement in software and allows legitimate users to fine-tune its memory and processing costs according to the desired level of security against brute force password guessing. We compare Lyra with similar-purpose state-of-the-art solutions, showing how our proposal provides a higher security level and overcomes limitations of existing schemes. Specifically, we show that if we fix Lyra ’s total processing time \(t\) in a legitimate platform, the cost of a memory-free attack against the algorithm is exponential, while the best-known result in the literature (namely, against the scrypt algorithm) is quadratic. In addition, for an identical same processing time, Lyra allows for a higher memory usage than its counterparts, further increasing the cost of brute force attacks.

Nächster Artikel Efficient binary polynomial multiplication based on optimized Karatsuba reconstruction

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Nur mit Berechtigung zugänglich

Andreeva, E., Mennink, B., Preneel, B.: The Parazoa family: generalizing the Sponge hash functions. IACR Cryptol. ePrint Arch. 2011, 28 (2011)

Apple: iOS security. Tech. rep., Apple Inc. (2012). http://images.apple.com/ipad/business/docs/iOS_Security_May12.pdf

Aumasson, J.P., Fischer, S., Khazaei, S., Meier, W., Rechberger, C.: New features of latin dances: Analysis of Salsa, ChaCha, and Rumba. In: Fast Software Encryption, vol. 5084, pp. 470–488. Springer, Berlin (2008). doi:10.1007/978-3-540-71039-4_30

Aumasson, J.P., Guo, J., Knellwolf, S., Matusiewicz, K., Meier, W.: Differential and invertibility properties of BLAKE. In: Fast Software Encryption, pp. 318–332. Springer, New York (2010). http://eprint.iacr.org/2010/043.pdf

Aumasson, J.P., Neves, S., Wilcox-OHearn, Z., Winnerlein, C.: BLAKE2: simpler, smaller, fast as MD5. https://blake2.net/blake2_20130129.pdf (2013)

Bellare, M., Ristenpart, T., Tessaro, S.: Multi-instance security and its application to password-based cryptography. In: Advances in Cryptology (CRYPTO 2012), LNCS, vol. 7417, pp. 312–329. Springer, Berlin (2012). doi:10.1007/978-3-642-32009-19

Bernstein, D.: The Salsa20 family of stream ciphers. In: M. Robshaw, O. Billet (eds.) New Stream Cipher Designs, pp. 84–97. Springer, Berlin (2008). doi:10.1007/978-3-540-68351-3_8

Bertoni, G., Daemen, J., Peeters, M., Assche, G.V.: Sponge functions (ECRYPT Hash Function Workshop 2007) (2007). http://csrc.nist.gov/pki/HashWorkshop/Public_Comments/2007_May.html

Bertoni, G., Daemen, J., Peeters, M., Assche, G.V.: Cryptographic sponge functions—version 0.1. http://keccak.noekeon.org/ (2011)

10.

Bertoni, G., Daemen, J., Peeters, M., Assche, G.V.: The Keccak SHA-3 submission. Submission to NIST (Round 3) (2011). http://keccak.noekeon.org/Keccak-submission-3.pdf

11.

Bonneau, J., Herley, C., van Oorschot, P.C., Stajano, F.: The quest to replace passwords: a framework for comparative evaluation of web authentication schemes. In: IEEE Symposium on Security and Privacy, pp. 553–567 (2012). doi:10.1109/SP.2012.44

12.

Chakrabarti, S., Singbal, M.: Password-based authentication: preventing dictionary attacks. Computer 40(6), 68–74 (2007). doi:10.1109/MC.2007.216 CrossRef

13.

Chang, S.J., Perlner, R., Burr, W.E., Turan, M.S., Kelsey, J.M., Paul, S., Bassham, L.E.: Third-Round Report of the SHA-3 Cryptographic Hash Algorithm Competition. US Department of Commerce, National Institute of Standards and Technology (2012). http://nvlpubs.nist.gov/nistpubs/ir/2012/NIST.IR.7896.pdf

14.

Chung, E.S., Milder, P.A., Hoe, J.C., Mai, K.: Single-chip heterogeneous computing: Does the future include custom logic, FPGAs, and GPGPUs? In: Proc. of the 43rd Annual IEEE/ACM International Symposium on Microarchitecture, MICRO’43, pp. 225–236. IEEE Computer Society, Washington, DC (2010). doi:10.1109/MICRO.2010.36

15.

Conklin, A., Dietrich, G., Walz, D.: Password-based authentication: a system perspective. In: Proc. of the 37th Annual Hawaii International Conference on System Sciences (HICSS’04), HICSS’04, vol. 7, pp. 170–179. IEEE Computer Society, Washington, DC (2004). http://dl.acm.org/citation.cfm?id=962755.963150

16.

Crew, B.: New carnivorous harp sponge discovered in deep sea. Nature (2012). doi:10.1038/nature.2012.11789. http://www.nature.com/news/new-carnivorous-harp-sponge-discovered-in-deep-sea-1.11789

17.

Daemen, J., Rijmen, V.: A new MAC construction alred and a specific instance alpha-mac. In: Fast Software Encryption—FSE’05, pp. 1–17 (2005). doi:10.1007/11502760_1

18.

Daemen, J., Rijmen, V.: Refinements of the alred construction and MAC security claims. Inf. Secur. IET 4(3), 149–157 (2010). doi:10.1049/iet-ifs. 2010.0015CrossRef

19.

Dandass, Y.S.: Using FPGAs to parallelize dictionary attacks for password cracking. In: Proc. of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008), pp. 485–485. IEEE (2008). doi:10.1109/HICSS.2008.484

20.

Dürmuth, M., Güneysu, T., Kasper, M.: Evaluation of standardized password-based key derivation against parallel processing platforms. In: Computer Security-ESORICS 2012, LNCS, vol. 7459, pp. 716–733. Springer, Berlin (2012). doi:10.1007/978-3-642-33167-1_41

21.

Florencio, D., Herley, C.: A large scale study of web password habits. Proc. of the 16th International Conference on World Wide Web. Alberta, pp. 657–666 (2007)

22.

Fowers, J., Brown, G., Cooke, P., Stitt, G.: A performance and energy comparison of FPGAs, GPUs, and multicores for sliding-window applications. In: Proceedings of the ACM/SIGDA Internbational Symposium on Field Programmable Gate Arrays (FPGA’12), pp. 47–56. ACM, New York (2012). doi:10.1145/2145694.2145704

23.

Halderman, J., Schoen, S., Heninger, N., Clarkson, W., Paul, W., Calandrino, J., Feldman, A., Appelbaum, J., Felten, E.: Lest we remember: cold-boot attacks on encryption keys. Commun. ACM 52(5), 91–98 (2009). doi:10.1145/1506409.1506429 CrossRef

24.

Herley, C., van Oorschot, P., Patrick, A.: Passwords: If we’re so smart, why are we still using them? In: Financial Cryptography and Data Security, LNCS, vol. 5628, pp. 230–237. Springer, Berlin (2009). doi:10.1007/978-3-642-03549-4_14

25.

Kakarountas, A.P., Michail, H., Milidonis, A., Goutis, C.E., Theodoridis, G.: High-speed FPGA implementation of secure hash algorithm for IPSec and VPN applications. J. Supercomput. 37(2), 179–195 (2006). doi:10.1007/s11227-006-5682-5 CrossRef

26.

Kaliski, B.: PKCS#5: Password-based cryptography specification version 2.0 (RFC 2898) (2000). http://tools.ietf.org/html/rfc2898

27.

Kelsey, J., Schneier, B., Hall, C., Wagner, D.: Secure applications of low-entropy keys. In: Proceedings of the 1st International Workshop on Information Security, ISW ’97, pp. 121–134. Springer, London (1998)

28.

Khronos Group: The OpenCL specification—version 1.2 (2012)

29.

Marechal, M.: Advances in password cracking. J. Comput. Virol. 4(1), 73–81 (2008). doi:10.1007/s11416-007-0064-y CrossRef

30.

Ming, M., Qiang, H., Zeng, S.: Security analysis of BLAKE-32 based on differential properties. In: 2010 International Conference on Computational and Information Sciences (ICCIS), IEEE, pp. 783–786 (2010). http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5709204

31.

NIST: Federal Information Processing Standard (FIPS PUB 198)—the Keyed-Hash Message Authentication Code. National Institute of Standards and Technology, U.S. Department of Commerce (2002). http://csrc.nist.gov/publications/fips/fips198/fips-198a.pdf

32.

NIST: Special Publication 800-18—recommendation for key derivation using pseudorandom functions. National Institute of Standards and Technology, U.S. Department of Commerce (2009). http://csrc.nist.gov/publications/nistpubs/800-108/sp800-108.pdf

33.

NIST: Special Publication 800-63-1—Electronic Authentication Guideline. National Institute of Standards and Technology, U.S. Department of Commerce (2011). http://csrc.nist.gov/publications/nistpubs/800-63-1/SP-800-63-1.pdf

34.

Nvidia: CUDA C programming guide. http://docs.nvidia.com/cuda/cuda-c-programming-guide/ (2012)

35.

Nvidia: Tesla Kepler family product overview. http://www.nvidia.com/content/tesla/pdf/Tesla-KSeries-Overview-LR.pdf (2012)

36.

Percival, C.: Stronger key derivation via sequential memory-hard functions. In: BSDCan 2009—The Technical BSD Conference (2009). http://www.bsdcan.org/2009/schedule/attachments/87_scrypt.pdf

37.

PHC: Password hashing competition. https://password-hashing.net/ (2013)

38.

Provos, N., Mazières, D.: A future-adaptable password scheme. In: Proceedings of the FREENIX track: 1999 USENIX Annual Technical Conference (1999)

39.

Schneier, B.: Description of a new variable-length key, 64-bit block cipher (Blowfish). Fast Software Encryption, pp. 191–204. Cambridge Security Workshop. Springer, London (1994)

40.

SciEngines: Rivyera s3-5000. http://sciengines.com/products/computers-and-clusters/rivyera-s3-5000.html

41.

SciEngines: Rivyera v7-2000t. http://sciengines.com/products/computers-and-clusters/v72000t.html

42.

Simplicio Jr, M.A., Barbuda, P., Barreto, P., Carvalho, T., Margi, C.: The marvin message authentication code and the lettersoup authenticated encryption scheme. Secur. Commun. Netw. 2, 165–180 (2009). doi:10.1002/sec.66

43.

Simplicio Jr, M.A., Barreto, P.S.L.M.: Revisiting the security of the alred design and two of its variants: Marvin and LetterSoup. IEEE Trans. Inf. Theory 58(9), 6223–6238 (2012). doi:10.1109/TIT.2012.2203093 CrossRefMathSciNet

44.

Sprengers, M.: GPU-based password cracking: on the security of password hashing schemes regarding advances in graphics processing units. Master’s thesis, Radboud University Nijmegen (2011). http://www.ru.nl/publish/pages/578936/thesis.pdf

45.

TrendForce: DRAM contract price (jan.15 2013). http://www.trendforce.com/price (visited on Apr. 22, 2013) (2013)

46.

TrueCrypt: TrueCrypt: Free open-source on-the-fly encryption—documentation. http://www.truecrypt.org/docs/ (2012)

47.

Weir, M., Aggarwal, S., Medeiros, B.d., Glodek, B.: Password cracking using probabilistic context-free grammars. In: Proceedings of the 30th IEEE Symposium on Security and Privacy, SP’09, pp. 391–405. IEEE Computer Society, Washington, DC (2009). doi:10.1109/SP.2009.8

48.

Yao, F., Yin, Y.: Design and analysis of password-based key derivation functions. IEEE Trans. Inf. Theory 51(9), 3292–3297 (2005). doi:10.1109/TIT.2005.853307 CrossRefMathSciNet

49.

Yuill, J., Denning, D., Feer, F.: Using deception to hide things from hackers: processes, principles, and techniques. J. Inf. Warfare 5(3), 26–40 (2006)

Titel: Lyra: password-based key derivation with tunable memory and processing costs
verfasst von: Leonardo C. Almeida
Ewerton R. Andrade
Paulo S. L. M. Barreto
Marcos A. Simplicio Jr
Publikationsdatum: 01.06.2014
Verlag: Springer Berlin Heidelberg
Erschienen in: Journal of Cryptographic Engineering / Ausgabe 2/2014
Print ISSN: 2190-8508
Elektronische ISSN: 2190-8516
DOI: https://doi.org/10.1007/s13389-013-0063-5

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 2/2014

Designing stream ciphers with scalable data-widths: a case study with HC-128

Scaling efficient code-based cryptosystems for embedded platforms

Efficient binary polynomial multiplication based on optimized Karatsuba reconstruction

Achieving side-channel high-order correlation immunity with leakage squeezing

Premium Partner