Efficient threshold password-authenticated secret sharing protocols for cloud computing

Abstract Threshold password-authenticated secret sharing (TPASS) protocols allow a client to distribute a secret s amongst n servers and protect it with a password pw , so that the client can later recover the secret s from any subset of t of the servers using the password pw . In this paper, we present two efficient TPASS protocols, one is built on two-phase commitment and has lower computation complexity, and another is based on zero-knowledge proof and has less communication rounds. Both protocols are in particular efficient for the client, who only needs to send a request and receive a response. In addition, we have provided rigorous proofs of security for the proposed protocols in the standard model. The experimental results have shown that the proposed two TPASS protocols are more efficient than Camenisch et al.’s protocols and save up to 85%–95% total computational time and up to 65%–75% total communication overhead.

[1]  Rafail Ostrovsky,et al.  Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords , 2001, EUROCRYPT.

[2]  Mihir Bellare,et al.  Authenticated Key Exchange Secure against Dictionary Attacks , 2000, EUROCRYPT.

[3]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.

[4]  Nitesh Saxena,et al.  Password-protected secret sharing , 2011, CCS '11.

[5]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[6]  David P. Jablon Password Authentication Using Multiple Servers , 2001, CT-RSA.

[7]  David Pointcheval,et al.  Robust Password-Protected Secret Sharing , 2016, ESORICS.

[8]  Jan Camenisch,et al.  Memento: How to Reconstruct Your Secrets from a Single Password in a Hostile Environment , 2014, CRYPTO.

[9]  Jan Camenisch,et al.  Practical yet universally composable two-server password-authenticated secret sharing , 2012, CCS.

[10]  Markus Jakobsson,et al.  Threshold Password-Authenticated Key Exchange , 2002, Journal of Cryptology.

[11]  Aggelos Kiayias,et al.  TOPPSS: Cost-Minimal Password-Protected Secret Sharing Based on Threshold OPRF , 2017, ACNS.

[12]  Elisa Bertino,et al.  ID-Based Two-Server Password-Authenticated Key Exchange , 2014, ESORICS.

[13]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[14]  Michael Szydlo,et al.  Proofs for Two-Server Password Authentication , 2005, CT-RSA.

[15]  Feng Hao,et al.  Practical Threshold Password-Authenticated Secret Sharing Protocol , 2015, ESORICS.

[16]  Jonathan Katz,et al.  Two-server password-only authenticated key exchange , 2005, J. Comput. Syst. Sci..

[17]  Burton S. Kaliski,et al.  Server-assisted generation of a strong secret from a password , 2000, Proceedings IEEE 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE 2000).

[18]  Xun Yi,et al.  Efficient Two-Server Password-Only Authenticated Key Exchange , 2013, IEEE Transactions on Parallel and Distributed Systems.

[19]  Rosario Gennaro,et al.  Provably secure threshold password-authenticated key exchange , 2006, J. Comput. Syst. Sci..