Hidden Credential Retrieval, Revisited
Summary :
Hidden Credential Retrieval (HCR) protocols are designed for access credentials management where users who remember short passwords can retrieve his/her various credentials (access keys and tokens) with the help of a remote storage server over insecure networks (e.g., the Internet). In this paper, we revisit two HCR protocols, both of which are based on blind signature schemes: one (we call it B-HCR) was proposed in ASIACCS 2009 and the other (we call it MRS-HCR) was in WISA 2010. In particular, we show that the B-HCR protocol is insecure against an outside attacker who impersonates server S. Specifically, the attacker can find out the user's password pw with off-line dictionary attacks by eavesdropping the communications between the user and a third-party online service provider. Also, we show that the MRS-HCR protocol does not work correctly itself. In other words, user U can not retrieve the plaintext Msg (i.e., credentials) even if he/she has a knowledge of the password.
- Publication
- IEICE TRANSACTIONS on Fundamentals Vol.E98-A No.1 pp.428-433
- Publication Date
- 2015/01/01
- Publicized
- Online ISSN
- 1745-1337
- DOI
- 10.1587/transfun.E98.A.428
- Type of Manuscript
- LETTER
- Category
- Cryptography and Information Security
Authors
SeongHan SHIN
National Institute of Industrial Science and Technology (AIST)
Kazukuni KOBARA
National Institute of Industrial Science and Technology (AIST)
Keyword
Latest Issue
Copyrights notice of machine-translated contents
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Cite this
Copy
SeongHan SHIN, Kazukuni KOBARA, "Hidden Credential Retrieval, Revisited" in IEICE TRANSACTIONS on Fundamentals,
vol. E98-A, no. 1, pp. 428-433, January 2015, doi: 10.1587/transfun.E98.A.428.
Abstract: Hidden Credential Retrieval (HCR) protocols are designed for access credentials management where users who remember short passwords can retrieve his/her various credentials (access keys and tokens) with the help of a remote storage server over insecure networks (e.g., the Internet). In this paper, we revisit two HCR protocols, both of which are based on blind signature schemes: one (we call it B-HCR) was proposed in ASIACCS 2009 and the other (we call it MRS-HCR) was in WISA 2010. In particular, we show that the B-HCR protocol is insecure against an outside attacker who impersonates server S. Specifically, the attacker can find out the user's password pw with off-line dictionary attacks by eavesdropping the communications between the user and a third-party online service provider. Also, we show that the MRS-HCR protocol does not work correctly itself. In other words, user U can not retrieve the plaintext Msg (i.e., credentials) even if he/she has a knowledge of the password.
URL: https://globals.ieice.org/en_transactions/fundamentals/10.1587/transfun.E98.A.428/_p
Copy
@ARTICLE{e98-a_1_428,
author={SeongHan SHIN, Kazukuni KOBARA, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Hidden Credential Retrieval, Revisited},
year={2015},
volume={E98-A},
number={1},
pages={428-433},
abstract={Hidden Credential Retrieval (HCR) protocols are designed for access credentials management where users who remember short passwords can retrieve his/her various credentials (access keys and tokens) with the help of a remote storage server over insecure networks (e.g., the Internet). In this paper, we revisit two HCR protocols, both of which are based on blind signature schemes: one (we call it B-HCR) was proposed in ASIACCS 2009 and the other (we call it MRS-HCR) was in WISA 2010. In particular, we show that the B-HCR protocol is insecure against an outside attacker who impersonates server S. Specifically, the attacker can find out the user's password pw with off-line dictionary attacks by eavesdropping the communications between the user and a third-party online service provider. Also, we show that the MRS-HCR protocol does not work correctly itself. In other words, user U can not retrieve the plaintext Msg (i.e., credentials) even if he/she has a knowledge of the password.},
keywords={},
doi={10.1587/transfun.E98.A.428},
ISSN={1745-1337},
month={January},}
Copy
TY - JOUR
TI - Hidden Credential Retrieval, Revisited
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 428
EP - 433
AU - SeongHan SHIN
AU - Kazukuni KOBARA
PY - 2015
DO - 10.1587/transfun.E98.A.428
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E98-A
IS - 1
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - January 2015
AB - Hidden Credential Retrieval (HCR) protocols are designed for access credentials management where users who remember short passwords can retrieve his/her various credentials (access keys and tokens) with the help of a remote storage server over insecure networks (e.g., the Internet). In this paper, we revisit two HCR protocols, both of which are based on blind signature schemes: one (we call it B-HCR) was proposed in ASIACCS 2009 and the other (we call it MRS-HCR) was in WISA 2010. In particular, we show that the B-HCR protocol is insecure against an outside attacker who impersonates server S. Specifically, the attacker can find out the user's password pw with off-line dictionary attacks by eavesdropping the communications between the user and a third-party online service provider. Also, we show that the MRS-HCR protocol does not work correctly itself. In other words, user U can not retrieve the plaintext Msg (i.e., credentials) even if he/she has a knowledge of the password.
ER -
FlyerIEICE has prepared a flyer regarding multilingual services. Please use the one in your native language.
English
