• xmlui.mirage2.page-structure.header.title
    • français
    • English
  • Help
  • Login
  • Language 
    • Français
    • English
View Item 
  •   BIRD Home
  • LAMSADE (UMR CNRS 7243)
  • LAMSADE : Publications
  • View Item
  •   BIRD Home
  • LAMSADE (UMR CNRS 7243)
  • LAMSADE : Publications
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.

Browse

BIRDResearch centres & CollectionsBy Issue DateAuthorsTitlesTypeThis CollectionBy Issue DateAuthorsTitlesType

My Account

LoginRegister

Statistics

Most Popular ItemsStatistics by CountryMost Popular Authors
Thumbnail - Request a copy

Securing password recovery through dispersion

Jajodia, Sushil; Litwin, Witold; Schwarz, Thomas (2012), Securing password recovery through dispersion, 2012 Fourth International Conference on Computational Aspects of Social Networks (CASoN), proceedings, IEEE, p. 228-233. 10.1109/CASoN.2012.6412407

Type
Communication / Conférence
Date
2012
Conference title
2012 Fourth International Conference on Computational Aspects of Social Networks (CASoN)
Conference date
2012-11
Conference city
Sao Carlos
Conference country
Brazil
Book title
2012 Fourth International Conference on Computational Aspects of Social Networks (CASoN), proceedings
Publisher
IEEE
ISBN
978-1-4673-4793-8
Pages
228-233
Publication identifier
10.1109/CASoN.2012.6412407
Metadata
Show full item record
Author(s)
Jajodia, Sushil

Litwin, Witold
Laboratoire d'analyse et modélisation de systèmes pour l'aide à la décision [LAMSADE]
Schwarz, Thomas
Abstract (EN)
Passwords form the Achilles heel of most uses of modern cryptography. Key recovery is necessary to provide continuous access to documents and other electronic assets in spite of possible loss of a password. Key escrow services provide key recovery for the owner, but need to be trusted. Additionally, a user might want to divulge passwords in case of his/her death or incapacitation, but not before. We present here a scheme that uses dispersion to provide trusted escrow services. Our scheme uses secret sharing to disperse password recovery information over several escrow services that authenticate based on a weak password. To protect against dictionary attacks, each authentication attempt takes a noticeable, but tolerable time (e.g. minutes). We achieve this by having the share of the secret be the solution of a puzzle that is solved by brute force in time depending on the number of processors employed. This additionally prevents escrow agencies from optimizing their part in recovering a password by pre-computing and storing their share in a more accessible and hence vulnerable format.
Subjects / Keywords
Cloud; Dispersion; Password escrow; Password recovery

Related items

Showing items related by title and author.

  • Thumbnail
    Key Recovery Using Noised Secret Sharing with Discounts over Large Clouds 
    Jajodia, Sushil; Litwin, Witold; Schwarz, Thomas (2013) Communication / Conférence
  • Thumbnail
    Recoverable Encryption through Noised Secret over a Large Cloud 
    Schwarz, Thomas; Litwin, Witold; Jajodia, Sushil (2012) Communication / Conférence
  • Thumbnail
    Privacy of data outsourced to a cloud for selected readers through client-side encryption 
    Schwarz, Thomas; Jajodia, Sushil; Litwin, Witold (2011) Communication / Conférence
  • Thumbnail
    LH*RE: A Scalable Distributed Data Structure with Recoverable Encryption 
    Jajodia, Sushil; Litwin, Witold; Schwarz, Thomas (2010) Communication / Conférence
  • Thumbnail
    Scalable Distributed Virtual Data Structures 
    Jajodia, Sushil; Litwin, Witold; Schwarz, Thomas (2014) Communication / Conférence
Dauphine PSL Bibliothèque logo
Place du Maréchal de Lattre de Tassigny 75775 Paris Cedex 16
Phone: 01 44 05 40 94
Contact
Dauphine PSL logoEQUIS logoCreative Commons logo