基于3锁的密码散列算法

2022 IEEE Conference on Interdisciplinary Approaches in Technology and Management for Social Innovation (IATMSI) Pub Date : 2022-12-21 DOI:10.1109/IATMSI56455.2022.10119411

Anuraj Singh, Mehul Jain, Sakshi Goyal

{"title":"基于3锁的密码散列算法","authors":"Anuraj Singh, Mehul Jain, Sakshi Goyal","doi":"10.1109/IATMSI56455.2022.10119411","DOIUrl":null,"url":null,"abstract":"Password has become a predominating method for user authentication to gain access to restricted services. Most people use human-memorable passwords that are likely words in dictionaries or certain combinations of these words, which are easy to crack. The biggest problem with passwords is its strength. We introduce a 3-lock based password hashing algorithm which minimizes the fraction of password that would be cracked by an offline attacker without increasing computing time for a legitimate authentication server. It strengthens the user's weak password, by improving the character set from which password is selected. 3-lock based password hashing algorithm uses 3 locks consisting of various printable ASCII characters and an integer provided by the user. This integer is never stored in server's database. Finally, we analyze 3-lock based password hashing algorithm using RockYou password dataset. Our analysis shows that the proposed algorithm can reduce (up to 25%) fraction of password cracked by an offline attacker.","PeriodicalId":221211,"journal":{"name":"2022 IEEE Conference on Interdisciplinary Approaches in Technology and Management for Social Innovation (IATMSI)","volume":"28 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-12-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A 3-Lock based Password Hashing Algorithm\",\"authors\":\"Anuraj Singh, Mehul Jain, Sakshi Goyal\",\"doi\":\"10.1109/IATMSI56455.2022.10119411\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Password has become a predominating method for user authentication to gain access to restricted services. Most people use human-memorable passwords that are likely words in dictionaries or certain combinations of these words, which are easy to crack. The biggest problem with passwords is its strength. We introduce a 3-lock based password hashing algorithm which minimizes the fraction of password that would be cracked by an offline attacker without increasing computing time for a legitimate authentication server. It strengthens the user's weak password, by improving the character set from which password is selected. 3-lock based password hashing algorithm uses 3 locks consisting of various printable ASCII characters and an integer provided by the user. This integer is never stored in server's database. Finally, we analyze 3-lock based password hashing algorithm using RockYou password dataset. Our analysis shows that the proposed algorithm can reduce (up to 25%) fraction of password cracked by an offline attacker.\",\"PeriodicalId\":221211,\"journal\":{\"name\":\"2022 IEEE Conference on Interdisciplinary Approaches in Technology and Management for Social Innovation (IATMSI)\",\"volume\":\"28 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-12-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE Conference on Interdisciplinary Approaches in Technology and Management for Social Innovation (IATMSI)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/IATMSI56455.2022.10119411\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE Conference on Interdisciplinary Approaches in Technology and Management for Social Innovation (IATMSI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IATMSI56455.2022.10119411","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

密码已成为用户访问受限服务的主要认证方式。大多数人使用容易记忆的密码，这些密码很可能是字典中的单词或这些单词的特定组合，很容易被破解。密码最大的问题是它的强度。我们引入了一种基于3锁的密码散列算法，该算法在不增加合法身份验证服务器计算时间的情况下，最大限度地减少了离线攻击者破解的密码比例。它通过改进选择密码的字符集来增强用户的弱密码。基于3锁的密码哈希算法使用由用户提供的各种可打印ASCII字符和整数组成的3把锁。此整数永远不会存储在服务器的数据库中。最后，我们利用RockYou密码数据集分析了基于3锁的密码哈希算法。我们的分析表明，所提出的算法可以减少(高达25%)离线攻击者破解密码的比例。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A 3-Lock based Password Hashing Algorithm

Password has become a predominating method for user authentication to gain access to restricted services. Most people use human-memorable passwords that are likely words in dictionaries or certain combinations of these words, which are easy to crack. The biggest problem with passwords is its strength. We introduce a 3-lock based password hashing algorithm which minimizes the fraction of password that would be cracked by an offline attacker without increasing computing time for a legitimate authentication server. It strengthens the user's weak password, by improving the character set from which password is selected. 3-lock based password hashing algorithm uses 3 locks consisting of various printable ASCII characters and an integer provided by the user. This integer is never stored in server's database. Finally, we analyze 3-lock based password hashing algorithm using RockYou password dataset. Our analysis shows that the proposed algorithm can reduce (up to 25%) fraction of password cracked by an offline attacker.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2022 IEEE Conference on Interdisciplinary Approaches in Technology and Management for Social Innovation (IATMSI)

自引率

0.00%

发文量