Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Strengthening public key authentication against...

Martin Kleppmann
December 09, 2015
Research
3
2.1k

Strengthening public key authentication against key theft

Slides from my talk presented at the 9th International Conference on Passwords (Passwords15), Cambridge, UK, 9 December 2015.
Paper: http://martin.kleppmann.com/papers/mrsa-pass15.pdf
Conference website: http://www.cl.cam.ac.uk/events/passwords2015/

Abstract:

Authentication protocols based on an asymmetric keypair provide strong authentication as long as the private key remains secret, but may fail catastrophically if the private key is lost or stolen. Even when encrypted with a password, stolen key material is susceptible to offline brute-force attacks. In this paper we demonstrate a method for rate-limiting password guesses on stolen key material, without requiring special hardware or changes to servers. By slowing down offline attacks and enabling easy key revocation our algorithm reduces the risk of key compromise, even if a low-entropy password is used.

Martin Kleppmann

December 09, 2015
Tweet

More Decks by Martin Kleppmann

See All by Martin Kleppmann
The past, present, and future of local-first
ept
0
1.2k
Where local-first came from and where it's going
ept
0
4.1k
Byzantine fault tolerance for peer-to-peer collaboration
ept
0
1.1k
New algorithms for collaborative text editing
ept
0
1.1k
Creating local-first collaboration software with Automerge
ept
0
2.3k
Collaborative editing through a databases lens
ept
0
2.3k
Making CRDTs Byzantine fault tolerant
ept
0
2.7k
Protecting user agency with local-first software
ept
0
860
Automerge: a new foundation for collaboration software
ept
1
890

Other Decks in Research

See All in Research
ミニ四駆AI用制御装置の事例紹介
aks3g
0
160
Weekly AI Agents News!
masatoto
25
24k
Weekly AI Agents News! 8月号 プロダクト/ニュースのアーカイブ
masatoto
1
190
文書画像のデータ化における VLM活用 / Use of VLM in document image data conversion
sansan_randd
2
190
研究の進め方 ランダムネスとの付き合い方について
joisino
PRO
55
19k
渋谷Well-beingアンケート調査結果
shibuyasmartcityassociation
0
260
Isotropy, Clusters, and Classifiers
hpprc
3
630
Introducing Research Units of Matsuo-Iwasawa Laboratory
matsuolab
0
920
snlp2024_multiheadMoE
takase
0
430
MIRU2024_招待講演_RALF_in_CVPR2024
udonda
1
330
大規模言語モデルを用いた日本語視覚言語モデルの評価方法とベースラインモデルの提案 【MIRU 2024】
kentosasaki
2
520
Weekly AI Agents News! 10月号 論文のアーカイブ
masatoto
1
250

Featured

See All Featured
Making the Leap to Tech Lead
cromwellryan
133
8.9k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
191
16k
Building Adaptive Systems
keathley
38
2.3k
Automating Front-end Workflow
addyosmani
1366
200k
For a Future-Friendly Web
brad_frost
175
9.4k
Speed Design
sergeychernyshev
24
610
The World Runs on Bad Software
bkeepers
PRO
65
11k
Happy Clients
brianwarren
98
6.7k
Agile that works and the tools we love
rasmusluckow
327
21k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
246
1.3M
Adopting Sorbet at Scale
ufuk
73
9.1k
Intergalactic Javascript Robots from Outer Space
tanoku
269
27k

Transcript

  1. None
  2. None
  3. None
  4. None
  5. None
  6. None
  7. None
  8. None
  9. None
  10. None
  11. None
  12. None
  13. None
  14. None
  15. None
  16. None
  17. None
  18. None
  19. None
  20. None
  21. None
  22. None
  23. None
  24. None
  25. None
  26. None
  27. None
  28. None
  29. None
  30. None
  31. None
  32. None
  33. None
  34. None
  35. None
  36. None
  37. None
  38. None
  39. None
  40. None
  41. None
  42. None
  43. None
  44. None
  45. None
  46. None
  47. None
  48. None
  49. None
  50. None
  51. None

  52. 1.  Dan Boneh, Xuhua Ding, Gene Tsudik, and Chi Ming

    Wong: “A Method for Fast Revocation of Public Key Certificates and Security Capabilities,” at 10th USENIX Security Symposium, August 2001. 2.  Mirosław Kutyłowski, Przemysław Kubiak, Michał Tabor, and Daniel Wachnik: “Mediated RSA cryptography specification for additive private key splitting (mRSAA),” IETF Internet Draft, November 2012. https://tools.ietf.org/html/draft-kutylowski-mrsa-algorithm-03 3.  J. Jonsson and B. Kaliski: “Public-Key Cryptography Standards (PKCS) #1: RSA cryptography specifications version 2.1”. Network Working Group RFC 3447, Feb 2003. 4.  Sampath Srinivas, Dirk Balfanz, Eric Tiffany, and Alexei Czeskis: “Universal 2nd factor (U2F) overview”. FIDO Alliance Proposed Standard, May 2015. https://fidoalliance.org/specs/fido-u2f-v1.0-nfc-bt- amendment-20150514/fido-u2f-overview.html 5.  T. Ylonen and C. Lonvick: “The Secure Shell (SSH) authentication protocol”. Network Working Group RFC 4252, Jan 2006.
  53. None