Analysis of a Password Strengthening Technique and its Practical Use

Provided by: Institute of Electrical & Electronic Engineers
Topic: Security
Format: PDF
Besides commonly used password strengthening techniques such as salting or repeated applications of a one way function on the password, the users' account a less common procedure: the truncation of the output from a one-way function on the password. This technique is used in a Norwegian ATM and a similar method is part of an authentication protocol from Anderson and Lomas which makes use of collision-full hash functions. The authors depict a probabilistic bound on the probability of guessing the password in the Anderson-Lomas protocol and they propose some improvements on the protocol.

Find By Topic