Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network

  Advanced Search  

Password-Based Encryption Analyzed Martin Abadi1

Summary: Password-Based Encryption Analyzed
Mart´in Abadi1
and Bogdan Warinschi2
Computer Science Department, University of California, Santa Cruz
Computer Science Department, Stanford University
Abstract. The use of passwords in security protocols is particularly delicate be-
cause of the possibility of off-line guessing attacks. We study password-based
protocols in the context of a recent line of research that aims to justify symbolic
models in terms of more concrete, computational ones. We offer two models for
reasoning about the concurrent use of symmetric, asymmetric, and password-
based encryption in protocol messages. In each of the models we define a notion
of equivalence between messages and also characterize when passwords are used
securely in a message or in a set of messages. Our new definition for the com-
putational security of password-based encryption may be of independent interest.
The main results of this paper are two soundness theorems. We show that un-
der certain (standard) assumptions about the computational implementation of
the cryptographic primitives, symbolic equivalence implies computational equiv-
alence. More importantly, we prove that symbolically secure uses of passwords


Source: Abadi, Martín - Department of Computer Science, University of California at Santa Cruz
Warinschi, Bogdan - Department of Computer Science, University of Bristol


Collections: Computer Technologies and Information Sciences