TY - GEN
T1 - Homomorphic Password Manager Using Multiple-Hash with PUF
AU - Assiri, Sareh
AU - Cambou, Bertrand
N1 - Publisher Copyright:
© 2021, The Author(s), under exclusive license to Springer Nature Switzerland AG.
PY - 2021
Y1 - 2021
AB - In the proposed homomorphic methods, the server authenticates clients without ever knowing their passwords. During enrollment, the users subject their passwords to multiple hashing cycles, typically 1000 times, and communicate the resulting message digests to the server. Rather than storing these message digests, the server uses them to find addresses in the physical unclonable functions, which generate data streams that are stored for future authentication. The authentication cycles use the following steps: i) The users hash their passwords multiple times, at levels lower than the one used during enrollment; ii) The server generates data streams from the physical elements at the address extracted from the message digest and compares it to the data streams stored during enrollment, and iii) The server reiterates the previous step by incrementally hashing the resulting message digest to find a match, or it rejects the password. During subsequent authentication cycles, the users again hash their passwords multiple times, but at levels lower than the ones used during the previous cycles. Thereby it becomes pointless for third parties to intercept previously hashed passwords; they are never used twice. Hacking a database containing the data streams extracted from the physical unclonable functions during enrollment is also pointless without also having access to the devices. In this entire homomorphic protocol, the users are the only ones who know their passwords. This paper presents a prototype demonstrating the functionality of an example of a homomorphic password manager protocol with SHA-3–512 hashing algorithm exploiting the physical randomness of static random-access memories.
KW - Authentication
KW - Hash function
KW - Homomorphy
KW - Password management
KW - Physical unclonable function
UR - http://www.scopus.com/inward/record.url?scp=85105912131&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85105912131&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-73100-7_55
DO - 10.1007/978-3-030-73100-7_55
M3 - Conference contribution
AN - SCOPUS:85105912131
SN - 9783030730994
T3 - Advances in Intelligent Systems and Computing
SP - 772
EP - 792
BT - Advances in Information and Communication - Proceedings of the 2021 Future of Information and Communication Conference, FICC
A2 - Arai, Kohei
PB - Springer Science and Business Media Deutschland GmbH
T2 - Future of Information and Communication Conference, FICC 2021
Y2 - 29 April 2021 through 30 April 2021
ER -