Please use this identifier to cite or link to this item: http://dspace.iitrpr.ac.in:8080/xmlui/handle/123456789/1148
Full metadata record
DC FieldValueLanguage
dc.contributor.authorChang, D.-
dc.contributor.authorJati, A.-
dc.contributor.authorMishra, S.-
dc.contributor.authorSanadhya, S.K.-
dc.date.accessioned2018-12-31T06:51:38Z-
dc.date.available2018-12-31T06:51:38Z-
dc.date.issued2018-12-31-
dc.identifier.urihttp://localhost:8080/xmlui/handle/123456789/1148-
dc.description.abstractA cryptanalytic technique known as time-memory tradeoff (TMTO) was proposed by Hellman for finding the secret key of a block cipher. This technique allows sharing the effort of key search between the two extremes of exhaustively enumerating all keys versus listing all possible ciphertext mappings produced by a given plaintext (i.e. table lookups). The TMTO technique has also been used as an effective cryptanalytic approach for password hashing schemes (PHS). Increasing threat of password leakage from compromised password hashes demands a resource consuming algorithm to prevent the precomputation of the password hashes. A class of password hashing designs provide such a defense against TMTO attack by ensuring that any reduction in the memory leads to exponential increase in runtime. These are called Memory hard designs. However, it is generally difficult to evaluate the “memory hardness” of a given PHS design. In this work, we present a simple technique to analyze TMTO for any password hashing schemes which can be represented as a directed acyclic graph (DAG). The nodes of the DAG correspond to the storage required by the algorithm and the edges correspond to the flow of the execution. Our proposed technique provides expected run-times at varied levels of available storage for the DAG. Although our technique is generic, we show its efficacy by applying it on three designs from the “Password Hashing Competition” (PHC) - Argon2i (the PHC winner), Catena and Rig. Our analysis shows that Argon2i fails to maintain the claimed memory hardness. In a recent work Corrigan-Gibbs et al. indeed showed an attack highlighting the weak memory hardening of Argon2i. We also analyze these PHS for performance under various settings of time and memory complexities.en_US
dc.language.isoen_USen_US
dc.subjectTime-memory tradeofen_US
dc.subjectPassworden_US
dc.subjectHashingen_US
dc.subjectGraph traversalen_US
dc.subjectBit-reversal graphen_US
dc.subjectDouble butterfly graphen_US
dc.titleCryptanalytic time-memory tradeoff for password hashing schemesen_US
dc.typeArticleen_US
Appears in Collections:Year-2018

Files in This Item:
File Description SizeFormat 
Full Text.pdf405.35 kBAdobe PDFView/Open    Request a copy


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.