strong authentication without tamper-resistant hardware ... · strong authentication without...

Strong Authentication without Tamper-ResistantHardware and Application to Federated Identities

Zhenfeng Zhang123Yuchen Wang12and Kang Yang41TCA Lab of State Key Laboratory of Computer Science Institute of Software Chinese Academy of Sciences

2University of Chinese Academy of Sciences3The Joint Academy of Blockchain Innovation

4State Key Laboratory of Cryptologyzhenfengiscasaccn wangyuchentcaiscasaccn yangksklcorg

AbstractmdashShared credential is currently the most widespreadform of end user authentication with its convenience but itis also criticized for being vulnerable to credential databasetheft and phishing attacks While several alternative mechanismsare proposed to offer strong authentication with cryptographicchallenge-response protocols they are cumbersome to use due tothe need of tamper-resistant hardware modules at user end

In this paper we propose the first strong authenticationmechanism without the reliance on tamper-resistant hardware atuser end A user authenticates with a password-based credentialvia generating designated-verifiable authentication tokens Ourscheme is resistant to offline dictionary attacks in spite that theattacker can steal the password-protected credentials and thuscan be implemented on general-purpose devices

More specifically we first introduce and formalize the notionof Password-Based Credential (PBC) which models the resistanceof offline attacks and the unforageability of authentication tokenseven if attackers can see authentication tokens and capturepassword-wrapped credentials of honest users We then presenta highly-efficient construction of PBC using a ldquorandomize-then-proverdquo approach and prove its security The construction doesnot involve bilinear-pairings and can be implemented withcommon cryptographic libraries for many platforms We alsopresent a technique to transform the PBC scheme to be publicly-verifiable and present an application of PBC in federatedidentity systems to provide holder-of-key assertion mechanismsCompared with current certificate-based approaches it is moreconvenient and user-friendly and can be used with the federationsystems that employ privacy-preserving measures (eg Sign-inwith Apple)

We also implement the PBC scheme and evaluate its perfor-mance for different applications over various network environ-ment When PBC is used as a strong authentication mechanismfor end users it saves 26-36 of time than the approach basedon ECDSA with a tamper-resistant hardware module As for itsapplication in federation it could even save more time when theuser proves its possession of key to a Relying Party

I INTRODUCTION

Passwords or shared credentials have dominated the realmof authentication for several decades but they have also been

regarded as the weakest points of modern computer systemsTraditional shared credential authentication mechanisms re-quire the credentials of users to be stored in centralized reposi-tories at servers and to be explicitly transferred which createsnotable targets for attackers They can either be stolen inbatches from breached centralized repositories or be capturedwhile being transferred (ie through phishing attacks)

To eliminate the security risks raised by shared credentialsthe techniques of strong authentication [38] have been widelyadopted by the industry and standardization communitiesas alternative approaches In particular strong authenticationschemes are the cryptographic challenge-response identifica-tion protocols that one entity (ie the claimant) ldquoprovesrdquo itsidentity to another entity (ie the verifier) by demonstratingthe knowledge of a secret known to be associated with thatentity During authentication the secret is neither revealed tothe verifier nor transferred over the channel Such mechanismscan be built with symmetric-key or public-key cryptographicprimitives For mechanisms based on symmetric-key cryptothe two entities share a symmetric-key and the claimantcorroborates its identity by demonstrating the knowledge ofthe shared key by encrypting a challenge or by generatinga MAC (message authentication code) value for the chal-lenge For mechanisms based on public-key crypto a claimantdemonstrates knowledge of its private key in a way of digitallysigning a challenge or decrypting a challenge encrypted underits public key As concrete examples the FIDO Allianceadopts strong authentication with public-key techniques inthe Universal Authentication Framework (UAF) [45] and theWeb Authentication specification of W3C [60] also defines anAPI enabling the use of public key-based credentials by webapplications for the purpose of strong authentication

However conventional strong authentication mechanismsinvolve the problem of secure storage of secrets ie secret-keys in symmetric-key cases and private-keys in public-keycases A common approach is encrypting the secret with apassword This protection is vulnerable to off-line attacks whenthe attacker can steal the password-protected credential [cre]pwand capture the authentication token σ from honest users (egthrough phishing) It can guess a password pwprime and determineits correctness with off-line manners

bull If σ can be verified with the knowledge of cre (in the caseof symmetric crypto) off-line attacks cannot be avoidedsince one can guess a pwprime and decrypt [cre]pw to obtain

Network and Distributed Systems Security (NDSS) Symposium 202023-26 February 2020 San Diego CA USAISBN 1-891562-61-4httpsdxdoiorg1014722ndss202024462wwwndss-symposiumorg

[cre]pw

m

σ

cre prime larr Dec(pw prime [cre]pw ) check MAC(cre primem) = σ

Fig 1 Off-line attack for strong authentication with symmetriccrypto where cre is a symmetric key and user authenticatesthrough MAC values (ie σ larr MAC(crem))

m

(σ cert)

[cre]pw

cre prime larr Dec(pw prime [cre]pw ) pk larr certcheck VerifyKey(pk cre prime) = 1

Fig 2 Off-line attack for strong authentication with asymmet-ric crypto where cre is a private key and the user authenticateswith digital signatures (ie σ larr Sign(crem)) and cert is acertificate wrt the userrsquos public key pk and private key cre

cre prime and then determine the correctness of guess by usingcre prime to check the validity of σ (See Fig 1)

bull If σ can be verified publicly (in the case of asymmetriccrypto) then off-line attacks are also feasible One candetermine the correctness of pwprime via extracting the publickey pk from cert which is contained in the authenticationtokens and then checking whether (pk cre prime) is a validpublic-private key pair (See Fig 2)

In practice these secrets are commonly stored with tamper-resistant hardware modules at user end Both the FIDO UAFprotocol [10] [29] [44] and W3Crsquos specification [60] highlyrecommend using tamper-resistant hardware modules (egSIM card and Trusted Platform Module (TPM)) for user endimplementation (ie FIDO authenticator) to protect the privatekeys and perform cryptographic operations

The employment of tamper-resistant hardware module de-creases the usability of strong authentication schemes as enduser authentication mechanisms which is also seen as oneof the major drawbacks of currently deployed strong authen-tication mechanisms [17] [47] [43] The module (ie thedevice it residents) becomes another thing to be rememberedto carry and the secret keys stored by such a module wouldbe permanently lost once the module is broken or lost

For federated identity systems assertions convey authen-tication and attribute information of users from Identity

Providers (IdPs) to separately-administered Relying Parties(RPs) They can be presented directly to the RP or beforwarded through the user Upon receiving an assertion theRP uses the information contained to identify the user and tomake authorization decisions about its accesses to resourcescontrolled by the RP A bearer assertion can be presented byany party as proof of the bearerrsquos identity and may lead toimpersonation attacks if it is captured by attackers

To enhance the security guarantees provided by assertionsthe notion of holder-of-key assertion is introduced for manyfederation approaches (eg SAML2 [39] and OAuth20 [36])It prevents assertions from being abused by malicious RPsand guarantees that the user cannot repudiate for an assertionsent by him This technique has been adopted for commercialproducts such as Microsoftrsquos XBOX [37] and IBMrsquos Web-Sphere [6] and also utilized by the digital identity guidelinespublished by NIST [31] as a requirement for the highest levelof federation assurance Particularly a holder-of-key assertioncontains a reference to the key held by the user (eg publickey) To verify such an assertion the RP requires the userto cryptographically prove possession of the key (eg privatekey) that corresponds to the key reference presented in theassertion

Currently the holder-of-key assertion mechanisms aremainly implemented via certificates [39] [48] where the usermust send its X509 certificate and prove possession of thekey referred in the certificate However such mechanisms areinconvenient for end users due to the requirement of certifi-cate and also require tamper-resistant hardware to protect theprivate keys Moreover for federated identity systems whichemploy RP-specific pseudonyms to protect the privacy of users(eg Sign-in with Apple [8]) RPs can collude and link thesame user through the key used in holder-of-key assertionswhich breaks the un-linkability brought by pseudonyms Withcurrent technologies an IdP cannot both preserve the privacyof users and support holder-of-key assertions simultaneously

A Our Contributions

The main contribution of this paper is the first strongauthentication scheme which does not require tamper-resistanthardware modules to protect secrets at user end We further-more present its application with federated identity systemsto solve the issues of userrsquos privacy and reliance on tamper-resistant hardware in the current holder-of-key assertion mech-anisms Our scheme wraps (aka protects) credentials of usersby passwords and can be implemented on different devices(eg mobile phones and desktop computers) to support cross-terminal authentication but is resistant to phishing attacks andoffline dictionary attacks even in the case that the attackercan both obtain the password-wrapped credentials and see theauthentication tokens that the user sends to the server

Our contributions can be summarized as follows

bull We formalize the syntax of a new primitive called Password-Based Credential (PBC) Informally the PBC scheme re-quires a user with identifier uid to register to a server andobtain a credential cre which is wrapped (ie encrypted)with a password pw The password-wrapped credential[cre]pw can be stored in a general-purpose device or a

2

cloud server For authentication the user uses its passwordpw and the password-wrapped credential [cre]pw to createan authentication token σ on a challenge message m Theserver authenticates the user with its secret key by checkingwhether σ is valid on m wrt uid We establish the necessary security requirement of Exis-tential UnForgeability under Chosen Message and chosenVerification queries Attacks (EUF-CMVA) for PBC Oursecurity model covers a wide-range of practical threatswhere the attacker can corrupt users adaptively obtainthe password-wrapped credentials of honest users and seeauthentication tokens generated by honest users

bull We propose a highly efficient construction of PBC denotedby ΠPBC and prove its security under the cryptographic q-SDH and q-DDHI assumptions in the random oracle modelΠPBC is resistant to off-line attacks in the aforementionedsecurity model since authentication tokens generated byhonest users can only be verified by a designated server Thisconstruction does not rely on bilinear-pairings and thus canbe implemented easily by common cryptographic librarieson many platforms

bull We propose a technique to transform the designated-verifiability of ΠPBC to public-verifiability With this tech-nique we present an application of PBC in federated identitysystems to implement the holder-of-key assertion mecha-nism which can be integrated into standardized federationprotocols such as SAML2 and OpenID Connect It enablesa user to provide a key reference to the IdP and provepossession of the corresponding key to the RP using a PBCauthenticator Our approach furthermore provides an optionthat enables the holder-of-key assertions to be verified whilehiding the userrsquos identity which can be used in federationsystems that have applied privacy-preserving measures suchas Sign-in with Apple

bull We evaluate the performances of our schemes over LocalArea Network (LAN) and Wide Area Network (WAN) underdifferent latencies and compare them with the approachesusing ECDSA with tamper-resistant hardware modules Forstrong authentication PBC (denoted by AUTH-PBC) saves26-36 time than the ECDSA-based strong authentica-tion For its application as holder-of-key assertion mecha-nism PBC speeds the process by 41-55 compared withthe approaches based on ECDSA

B Technical Overview

Here we present the challenges we met and the techniquesleveraged to tackle them

Avoid offline attacks The major challenge of using passwordsto protect credentials is avoiding offline dictionary attacks Thecredential should not have any structure character otherwiseoff-line attacks are feasible as one can guess a pwprime decrypt[cre]pw with pwprime and check the character structure of cre The authentication token σ should not be verified with cre orpublicly-verifiable Our solution tackle this challenge via twotechniques

bull The credentials of our schemes are indistinguishable fromrandom group elements and thus do not have any structurecharacter for off-line attacks Furthermore we apply thepassword-based encryption proposed by [14] to wrap the

credentials with passwords where the decryptions from anypasswords obtain group elements with the same structurecharacters With this approach the attacker can only obtaingroup elements which are indistinguishable from the realcredential when guessing the password

bull The authentication tokens are generated with a ldquorandomize-then-proverdquo paradigm and can only be verified by a des-ignated verifier who has the corresponding secret key Theauthentication token can neither be verified with cre nor bythe attacker who does not know the secret key In particularthe ldquorandomize-then-proverdquo paradigm firstly randomizes acredential and then presents it with zero-knowledge proofsand has been used for anonymous credential protocols [24][11] [19] It does not reveal the knowledge of credentialand thus resists offline attacks

Transform PBC to publicly-verifiable Holder-of-key asser-tion mechanisms require the user to prove its possession ofa secret to any RP which is not a problem for asymmetricprimitives such as digital signature schemes since they arepublicly-verifiable However this seems to contradict the pro-posed scheme which is designated-verifiable We solve thisdilemma as follows

bull We use the IdP (ie designated verifier) as a ldquoconverterrdquo thattransforms our scheme to be publicly-verifiable It providesRPs with information that is necessary for verifying theauthentication tokens generated by users To prevent thistechnique from being abused to perform off-line attacks werequire that the IdP must authenticate the user first and limitthe effect of a transformation within one session

We also consider a scenario that the user authenticates toRPs using IdP-managed unrelated pseudonyms for preventingthe userrsquos activities from tracking or profiling when these RPscollude However the privacy goal is hard to be achieved whenholder-of-key assertions are adopted since RPs can associatethe same user with the references of keys

bull We provide an option to convert the scheme to be public-verifiable while preserving the privacy of users whichenables the user to prove the possession of the credential tothe RP without revealing its identity Any RP can verify theholder-of-key assertions without knowing the references tooriginal credentials (ie user identifiers) which avoids theuser from being linked across multiple RPs through holder-of-key assertions

C Related Work

A series of schemes have been proposed to addressthe problem of large-scale credential leakage in centralizedstorage of shared credentials Several password hardeningschemes [27] [52] [42] have been proposed to strengthen theusername-password authentication for web service providerswhere an external crypto server is adopted to carry out cer-tain cryptographic operations Furthermore hardware securitymodules (eg Intel SGX) have also been utilized at serverside to harden the storage of credentials by protecting the saltvalues or secret keys [41] [18]

To prevent phishing attacks many Multi-Factor Authenti-cation (MFA) mechanisms have been designed [59] [40] [35]

3

and deployed in practice (eg The FIDO Universal 2nd Factor(U2F) Protocol [57]) These schemes use dedicated devicessuch as mobile phones and FIDO U2F keys to perform the2nd factor authentication and their security and usability thusrely on these devices The 2nd authentication factor will loseonce the device is broken or lost and may also be occupiedby the attacker once the device is stolen or breached

Password hardening and MFA techniques improve theusername-password authentication but do not change theauthentication mechanism itself (eg the credentials are stilltransferred explicitly from claimer to verifier) which makesthem different from the approaches for strong authentication

Moreover Pass2Sign [20] enables the user to sign mes-sages with the help of a server using its password A Pass2Signserver stores salted hashed values of usersrsquo passwords andthe corresponding salt values are stored at user end devicesFor authentication the user calculates the hash value of itspassword the salt and a global query identifier encrypts thehashed value with the serverrsquos public key and sends it tothe server However Pass2Sign does not consider the threatscenario that attackers could get authentication tokens (egthrough phishing attacks) That is an attacker could firstcapture the hashed values calculated by the users by disguisingas the server via providing the user with the public key of itsown and then steal the salt value stored at user end deviceAfter that it could obtain the password via offline attacks

II PRELIMINARIES

Notation Throughout this paper we use λ to denote thesecurity parameter and [n] to denote the set 1 n Thenotation x $larr S denotes that x is sampled uniformly at randomfrom a set S For an algorithm A y larr A(x) denotes theprocess that runs A on input x and obtains y as output We saythat a function f Nrarr [0 1] is negligible if for any positive cwe have f(λ) lt 1λc for sufficient large λ For simplicity weuse negl to denote an unspecified negligible function Let G bea group of prime order p generated by g and Glowast denote G1where 1 is the identity element of G Finally [M ]pw denotesthe ciphertext on a message M encrypted with a password pw

A Cryptographic Assumptions

We recall two intractability assumptions in G

Definition 1 (q-SDH) [15] We say that the q-StrongDiffie-Hellman (q-SDH) assumption holds in group G if forall Probabilistic Polynomial Time (PPT) adversaries A suchthat

AdvSDHG

def= Pr[x

$larr Zlowastp A(g gx gxq

) = (c g1(x+c))]

lt negl(λ)where c isin Zpminusx

We write AdvSDHG (t q) = maxAAdvSDH

G (A) where themaximum is taken over all adversaries of time complexity atmost t and obtaining q + 1 group elements

Definition 2 (q-DDHI) [16] We say that the q-DecisionalDiffie-Hellman Inversion (q-DDHI) assumption holds in group

G if for all PPT adversaries such that

AdvDDHIG

def=

∣∣∣Pr[x$larr Zlowastp A(g gx gx

q

g1x) = 1]minus

Pr[x$larr Zlowastp U

$larr Glowast A(g gx gxq

U) = 1]∣∣∣

lt negl(λ)

We write AdvDDHIG (t q) = maxAAdvDDHI


B Non-Interactive Zero-Knowledge Proofs

Non-Interactive Zero-Knowledge Proofs (NIZKs) enable aprover to prove that a statement x is in a given NP languageL in a zero-knowledge way where L is defined by an NPrelation R ie L = x | existw st R(xw) = 1 and w iscalled a witness for x

Signature proofs of knowledge (SPKs) [23] are NIZKproofs constructed by using the Fiat-Shamir heuristic [28] totransform Sigma protocols in the random oracle model [13]When referring to the SPKs on proving knowledge of discretelogarithms and statements about them we will follow the nota-tion introduced by Camenisch et al [21] to abstract the SPKsFor example π larr SPK(a) ga = u(m) denotes a signatureproof of knowledge on proving knowledge of a witness asuch that u = ga which signs a message m and outputs aproof π on statement x = (g u) Let VerifySPK((g u)m π)denote the verification algorithm of SPK which outputs 1 ifπ is valid on m wrt a statement (g u) and 0 otherwise Thesignature proofs of knowledge are zero-knowledge sound andknowledge extractable in the random oracle model [49]

Security Definitions for NIZK Informally an NIZK systemΠ is said to be unbounded zero-knowledge if there existsa simulator Sim without knowing any witness can simulatethe proofs on unbounded number of statements such that noadversary can distinguish the simulated proofs from the realones created with witnesses In particular the adversary hasaccess to an oracle Ozk which returns either the real proofsproduced by the prover having witnesses or the simulatedproofs generated by Sim We use AdvuzkΠ (t qzk ) to denote themaximum advantage of all adversaries against the unboundedzero-knowledge of Π who run in time t and make at most qzkqueries to Ozk The soundness of an NIZK system Π assuresthat no adversary can prove a false statement (ie outsideL) where AdvsoundΠ (t) denotes the maximum advantage ofall adversaries who run in time t We say that an NIZKsystem Π satisfies the knowledge extractability if there existsan extractor Ext which can extract a witness from the proof cre-ated by the adversary where AdvextΠ (t) denotes the maximumadvantage of all adversaries who run in time t Simulation-sound extractability of an NIZK system Π guarantees thatthe extractor Ext still works for the proof produced by theadversary even if the adversary sees many simulated proofsfrom a simulator oracle Osim and the extracted results on theproofs created by itself from an extractor oracle Oext Wedenote by Advss-ext

Π (t qsim qext) the maximum advantage ofall adversaries against the simulation-sound extractability ofΠ who run in time t and make at most qsim and qext queriesto Osim and Oext respectively We refer the reader to [32] [9]for the formal definitions of the above security properties

4

III PASSWORD-BASED CREDENTIAL

In this section we propose a new cryptographic primitivecalled Password-Based Credential (PBC) which protects auserrsquos credential issued by a server with a password anduses both the password-protected credential and password togenerate authentication tokens to authenticate to the serverwith a challenge-response procedure and formalize its securityconsidering practical threats Our model is game-based andinspired by the security model for PAKE protocols [12]

We define a security notion of Existential UnForgeabilityunder Chosen Message and chosen Verification queries At-tack (EUF-CMVA) for PBC schemes Informally EUF-CMVAguarantees that no adversary can forge valid authenticationtoken on a fresh message for an honest user A PBC scheme isEUF-CMVA secure means that this scheme is secure as long asat least one of the password-wrapped credential and passwordof the user has not been revealed by the adversary and evenif the password-wrapped credential is leaked the attacker canonly guess the password by querying the server online Notethat this notion implies unforgeability of credentials as a validcredential can always be used to create authentication tokens

A Syntax of PBC

Let U and D denote the spaces of usernames and passwordsrespectively and Reg be a set of usernames that have beenregistered the syntax of PBC scheme is defined as follows

Definition 3 (Password-Based Credential) A password-based credential scheme PBC = (SetupKeyGen IssueSignVerify) with message space M is defined as follows

bull Setup(1λ) On input a security parameter λ (in unary) thesetup algorithm outputs a set of public parameters pp whichis an implicit input to the following algorithms except forbeing explicitly described

bull KeyGen(pp) On input pp a server runs the key generationalgorithm to create a secret key sk and a set of issuerparameters isp associated with sk Then the server initializesReg as empty We also consider that isp is an implicit inputto the following algorithms unless explicitly describing

bull Issue(skReg) (uid pw) is an interactive registrationprotocol executed between a user and the server over asecure channel (eg established by TLS) The user runs theprotocol by inputting its username-password (uid pw) isinU times D and interacts with the server who takes inputs itssecret key sk and a set of registered usernames Reg If eitherparty aborts the protocol outputs perp Otherwise the serverissues a credential cre to the user and updates Reg to includeuid and the user outputs a password-wrapped credential[cre]pw which can be stored on a general-purpose device

bull Sign(uid pw [cre]pw m) On input a username uid apassword pw a password-based credential [cre]pw and amessage m isinM a user runs this algorithm to generate anauthentication token σ on message m

bull Verify(sk uid m σ) On input a secret key sk a usernameuid isin U a message m and a token σ the server runs thealgorithm to check the validity of σ This algorithm outputs1 if σ is valid on uid and m under sk and 0 otherwise

B Security Definition of PBC

Next we give the formal definition on the security of PBCwhich is the EUF-CMVA security Our model is comprehen-sive enough to cover a broad range of threat scenarios Weprovide an adversary with a series of oracles to capture itsattack abilities which correspond to the abilities of real-worldattackers In the following we will first describe these oraclesand the motivations behind them then describe the goal ofadversary and finally present the formal definition

Oracles All oracles and the experiment of EUF-CMVA main-tain the following global sets RUpw is the set of users whosepasswords were revealed RUcred is the set of users whosepassword-wrapped credentials were revealed Q is the set ofqueries made by the adversary to the SIGN oracle Let n bethe number of users the oracles are defined as follows

bull REVEALCRED(i) If i isin [n] this oracle outputs thepassword-wrapped credential [crei ]pwi of user i and addsi to RUcred bull REVEALPW(i) If i isin [n] this oracle outputs the passwordpwi of user i and adds i to RUpw bull SIGN(im) If i isin [n] and i isin RUpw capRUcred this oracle

returns σ larr Sign(uidi pwi [crei ]pwim) and adds (im)

to the set Qbull VERIFY(uidm σ) this oracle returns the verification result

on an authentication token σ and challenge message m byrunning Verify(sk uidm σ)

Each oracle represents a threat scenario that may occur inpractice In the following we describe the motivations behindoracles which also include the abilities and assumptions weadopted for real-life attackers

bull REVEALCRED We allow the adversary to obtain thepassword-wrapped credentials of its chosen users via mak-ing queries to the REVEALCRED oracle In this oraclewe model the case that the password-wrapped credentialsare stored as a file on a general purpose device and maybe stolen by malwares [3] through the lost or stolen ofthe device [4] or even via the automatical backup serviceperformed by a breached cloud server [2]

bull REVEALPW The adversary could also reveal the passwordsof users on its choices by having access to the REVEALPWoracle This corresponds to the case that the user encryptsits credential with a password that has already leaked

bull SIGN When a PBC scheme is adopted for end user authen-tication the adversary may see many authentication tokensThis ability is modeled by the SIGN oracle which allowsthe adversary to obtain authentication tokens of its chosenmessages and users We model this oracle since attackers inpractice can capture the authentication tokens when they aretransferred from the end users to servers (eg via phishingattacks)

bull VERIFY Furthermore the adversary can get the verificationresult of an authentication token σ and a message m viaimpersonating a user to interact with the server We modelthis attack ability with the VERIFY oracle which allowsthe adversary to obtain the decision result on any query(username message token) made by it In this oracle wemodel real-world attackerrsquos ability of communicating withthe server We do not assume that the attacker can break

5

Experiment ExpEUF-CMVAPBC (A)

pplarr Setup(1λ) (sk isp)larr KeyGen(pp)RUpw RUcred Qlarr emptyFor each i isin [n] pwi

$larr D and[crei]pwi

larr Issue(skReg) (uid i pwi)(uidlowastmlowast σlowast)larr A(pp isp uid ini=1 SIGNVERIFY

REVEALPWREVEALCRED)If Verify(sk uidlowastmlowast σlowast) = 0 return 0If uidlowast isin Reg return 1If uidlowast = uid ilowast isin Reg thenbull If (ilowastmlowast) isin Q return 0bull If ilowast isin RUpw cap RUcred return 0bull If ilowast isin RUcred return 1bull If ilowast isin RUcred and ilowast isin RUpw return 2

Fig 3 Experiment for the EUF-CMVA security of PBC

into a server and capture the private keys for cryptographicprotocols as they can be protected by tamper-resistantmodules (eg [58]) at server side

The Goal of Adversary The goal of adversary is to forge avalid authentication token on a fresh message that has neverbeen queried to the SIGN oracle for an honest user whichmeans that it can pretend as the honest user by authenticatingto the server To define the adversaryrsquos goal formally we needto eliminate some trivial cases and to bound the advantage ofthe adversary as follows

In the game of EUF-CMVA security the adversary attemptsto generate an authentication token on an username uidlowast

(corresponding to an unregistered user or honest user ilowast) anda fresh message mlowast The adversary is not allowed to triviallyreveal both the password-wrapped credential and password ofuser ilowast or answers with a (ilowastmlowast σlowast) where σlowast is obtained byquerying SIGN(ilowastmlowast) We consider two cases when boundingthe advantage of the adversary

1) In the first case that either uidlowast has not been registered orthe password-wrapped credential of user ilowast is not revealedthe adversaryrsquos advantage should be negligible That is tosay it is impossible for an attacker to impersonate as anhonest user when it can not access to the password-wrappedcredential

2) In the second case that the password-wrapped credential[creilowast ]pwilowast of user ilowast has been revealed the adversary canmount online dictionary attacks with the following stepsa) Guess a password pw prime and use (uidlowast pw prime [creilowast ]pwilowast )

to generate a token σprime on an arbitrary message mprimeb) Make a query with (uidlowastm prime σprime) as the input to the

VERIFY oracleIn this case the adversaryrsquos advantage is bounded bythe standard advantage of password-based authenticationprotocols which means that the attacker cannot do anybetter than guessing the password online

Definition 4 (EUF-CMVA) We say that a PBC schemePBC is EUF-CMVA secure if for all PPT adversaries A

any polynomial-size integer n any n different usernamesuidini=1 isin U such that the following holds

AdvEUF-CMVAPBCcase-1(A)

def= Pr[ExpEUF-CMVA

PBC (A) = 1] le negl(λ)


def= Pr[ExpEUF-CMVA

PBC (A) = 2] le qv|D|

+ negl(λ)

where ExpEUF-CMVAPBC (A) is defined in Fig 3 and qv is the

number of queries made by A to the VERIFY oracle

Similar to the security notion of digital signatures [30]a stronger variant of the EUF-CMVA security is stronglyExistential UnForgeability under Chosen Message and chosenVerification queries Attack (sEUF-CMVA) meaning that aforgery (mlowast σlowast) is considered as valid if (mlowast σlowast) is not fromthe SIGN oracle The security definition of sEUF-CMVA iseasy to be obtained by slightly modifying the definition ofEUF-CMVA ie Q now additionally includes the authentica-tion tokens created by the SIGN oracle and ExpSEUF-CMVA

PBC (A)returns 0 if (ilowastmlowast σlowast) isin Q The adversaryrsquos advantageAdvSEUF-CMVA

PBCcase-i (A) for foralli isin 1 2 is defined in the same wayas in Definition 4

IV A PRACTICAL CONSTRUCTION OF PBC

We propose a practical PBC scheme denoted by ΠPBCwhich satisfies the security definition of sEUF-CMVA underthe q-SDH and q-DDHI assumptions It is efficient enough tobe deployed in practice and can be implemented by commoncryptographic libraries in many programming languages (egOpenSSL in CC++ and Bouncy Castle in Java) with stan-dardized elliptic curves In this section we will first give thebasic ideas underlying the construction of ΠPBC then presentthe detailed protocol as well as prove its security under thesecurity model described in Section III and finally present theapplication of PBC as a strong authentication mechanism forend user authentication

A High Level Description

In our concrete construction the server creates a tag on uidwith its secret key as the userrsquos credential cre which is thenencrypted by the user with its password pw In the processof authentication the user proves its possession of cre withrespect to uid and sends σ and uid to the server To avoid off-line attacks when the attacker could see many authenticationtokens and password-wrapped credentials the techniques thatwe adopted are explained as follows

bull We use g1(γ+uid) as the credential of user where γ isthe secret key held by server This is inspired by [16] Thecredential is indistinguishable from random group elementswithout the knowledge of γ We encrypt the credential crewith pw by [cre]pw larr cre middotHG(pw) where the correspond-ing decryption algorithm is cre larr [cre]pw middotHG(pw)-1 andHG D rarr G is a cryptographic hash function An attackerwho captures [cre]pw can guess the password with pw prime

and only obtain [cre]pw middotHG(pw prime) However it is an groupelement that is indistinguishable from the real credential cre which can not be used by the attacker to decide whether pw primeis the correct passwordbull We leverage the ldquorandomize-then-proverdquo paradigm when the

user proves its possession of a credential wrt uid The user

6

randomizes its credential cre as T with a randomness a (ieT = crea ) It then proves the validity of the randomizedcredential T using a signature proof of knowledge πT =SPK(a) ga = PK(m) for an implicit public-key PK

bull To verify an authentication token σ = (T πT ) the serverfirst computes PK = T γ+uid and then checks the validityof πT If valid the server is assured that the claimer holdsthe secret a such that ga = T γ+uid and then believes thatit is the legitimate user who has been issued the credentialwrt uid since Tminusa has exactly the form g1(γ+uid)

bull The point here is that σ only could be verified by the serverwho issued the credential (ie holding γ) since only theserver can obtain the complete statement (T PK ) to beproved in the signature proof of knowledge Furthermore itis also infeasible for an attacker to check the validity of πTwith cre since PK can not be derived from T and cre

With these approaches we eliminate the possibility of off-line attacks even if an attacker has the ability to steal thepassword-wrapped credentials The attacker can neither verifythe correctness of its guesses on the password through thedecryption results directly nor by checking the correctness ofthe authentication token generated by it as in the conventionalstrong authentication mechanisms

We note that a PBC scheme can not be constructed with un-deniable signatures [25] or designated verifier signatures [34][50] directly These schemes guarantee that only designatedverifier could convince the validity of the signature but couldnot prevent the attackers from guessing the passwords forencrypting the credential (ie private key) by verifying thecorrectness of signature Furthermore ΠPBC is also not a simpleapplication of the Designated-Verifier Non-Interactive Zero-Knowledge proof (DV-NIZK) [22] and could be instantiatedwith standard Fait-Shamir transformation [28] over commonelliptic curves [1] Our scheme only leverage the idea that itis infeasible for the attackers to check the proof when they donot know the complete statement to be proved

B The Detailed Construction

Let HG D rarr G be a random oracle Our scheme ΠPBC isconstructed as follows

bull Setup(1λ) Given a security parameter λ the setup algo-rithm chooses a set of group parameters (G p g) such thatp is an at least 2λ-bit prime and then outputs pp = (G p g)

bull KeyGen(pp) Given the public parameters pp a server runsthe key generation algorithm which picks γ

$larr Zlowastp andcomputes w larr gγ The server sets sk larr γ and publishesisplarr w and then initializes Reg as empty

bull Issue(γReg) (uid pw) is executed over a secure chan-nel The channel could be established following standardapproaches such as the TLS protocol

1) A user sends its username uid to the server2) The server aborts if uid isin Reg Otherwise it computes

A larr g1(γ+uid) and adds uid to Reg Then it sendscre larr A to the user

3) The user encrypts its credential cre = A by computing[A]pw larr A middotHG(pw) and then stores [A]pw

bull Sign(uid pw [A]pw m) this algorithm decrypts [A]pw bycomputing Alarr [A]pwHG(pw) Then it chooses a $larr Zlowastp

and randomizes A as T larr Aa (ie T = ga(γ+uid)) andgenerates a signature proof of knowledge wrt T as

πT larr SPK

(a) ga = T γ+uid

(m)

Finally it outputs an authentication token σ larr (T πT )bull Verify(γ uid m σ) the verification algorithm parses σ as

(T πT ) If T = 1 it outputs 0 Otherwise it outputs 1 ifVerifySPK ((g T uid γ)m πT ) = 1 and 0 otherwise

For practical usage where the user may want to register andauthenticate with the username on its own choice uid couldbe generated via a cryptographic hash function Hp 0 1 rarrZp with the chosen username as input

Instantiation of SPK Below we give efficient instantiation forthe signature proofs of knowledge SPK Let H 0 1lowast rarr Zpbe a random oracle SPK could be efficiently instantiated asfollows

Prove Pick r$larr Zp and compute R larr gr Then compute

c larr H(g T uid Rm) Next compute s larr r + c middot amod p Finally output a proof π larr (c s)

Verify Given a tuple (g T uid γ) a message m and a proofπ = (c s) compute Rprime larr gs middot Tminus(γ+uid)middotc mod p andthen calculate cprime larr H(g T uid Rprimem) Output 1 if cprime =c and 0 otherwise

One could easily observe that the instantiation of SPK isan application of the Schnorr signature scheme [54] wherethe public key T uid+γ could only be computed by the serverwho has γ Furthermore the Sign and Verify algorithms couldalso be constructed by other standardized signature algorithms(eg ISOIEC 14888-3 [5] ) in the same way For the sakeof simplicity we only present the approach based on Schnorrproof which obtains optimized efficiency and could be im-plemented by commonly adopted cryptographic libraries withstandard curves

C Security Proof

In this section we prove that our scheme ΠPBC is sEUF-CMVA secure provided that the q-SDH and q-DDHI as-sumptions hold in G HG is a random oracle and SPK isunbounded zero-knowledge and simulation-sound extractableFurthermore SPK is zero-knowledge by programming therandom oracle [49] and is simulation-sound extractable inthe random oracle model [13] and generic group model [55]following along the lines of [53] [56] [24] [61]

Theorem 1 Let A be an adversary against the sEUF-CMVA security of PBC scheme ΠPBC who runs in time t andmakes qs queries to the SIGN oracle and qv queries to theVERIFY oracle Then we have

AdvsEUF-CMVAΠPBCcase-1 (A) le AdvSPK(tprime qs qv)+

(qv + 1)(AdvSDHG (tprimeprime n+ 1) + nAdvSDH

G (tprimeprime n))

AdvsEUF-CMVAΠPBCcase-2 (A) le qv

|D|+ AdvSPK(tprime qs qv)+

(qv + 1)AdvSDHG (tprimeprime n+ 1) + nAdvDDHI

G (tprimeprime n)

where AdvSPK(tprime qs qv) = O(AdvuzkSPK(tprime qs) + AdvssminusextSPK (tprimeqs qv)) tprime = t+O((qs + qv)texp) tprimeprime = O(tprime + n2texp) andtexp denotes the time for one exponentiation

7

Proof This proof will proceed via a sequence of gamesWe will bound the decrease of Arsquos advantages betweentwo successive games and denote Arsquos advantage in Gi byAdvi(A)

Game 0 This is the real game The adversary A is givenpp isp and a set of usernames uid ini=1 and has accessesto four oracles SIGNVERIFYREVEALPWREVEALCREDFinally A outputs a valid forgery (uidlowastmlowast σlowast) Let(uid i Ai)ni=1 be a set including the username and credentialpairs of n users created in this game Without loss of generalitywe assume that the output of the adversary (uidlowastmlowast σlowast) hasbeen queried to the VERIFY oracle We have

AdvSEUF-CMVAΠPBCcase-i (A) = Adv0(A) for foralli isin 1 2

Game 1 This game is the same as Game 0 except thefollowing differencesbull Use a zero-knowledge simulator Sim to generate the proofs

of SPK for the answers of the SIGN oraclebull In every VERIFY(uid m σ) query such that σ = (T πT )

execute as follows If (mσ) is from the SIGN oracle return 1 If T = 1 or πT is not the correct form return 0 Otherwise use a knowledge extractor Ext for SPK to

extract a witness a from proof πT If Ext fails return0 Otherwise compute A larr T 1a and return 1 ifand only if Aγ+uid = g Note that a 6= 0 unlessuid + γ = 0 mod p which clearly breaks the discrete-logarithm assumption implied by the assumptions inTheorem 1

Game 1 behaves exactly like Game 0 except for thesimulation of SPK and failing for the extraction of SPKFrom the unbounded zero-knowledge and simulation-soundextractability of SPK we have

Adv0(A) leAdv1(A) +O(AdvuzkSPK(tprime qs) + Advss-extSPK (tprime qs qv))

Game 2 This game is the same as Game 1 except that forevery SIGN( ) query pick u $larr Zlowastp compute T larr gu Thencompute V larr wu middot T uid use Sim to generate a proof πT ona statement (g T V ) and respond with σ larr (T πT )The element T in Game 2 has the same distribution as the onein Game 1 So we have Adv1(A) = Adv2(A)

Game 3 This game is the same as Game 2 except that foreach VERIFY(uid primem σ) query with uid prime = uid isin U whenan element A is computed with either a witness a extractedby Ext for uid prime = uid changing the verification manner of σas Return 0 if (uid A) isin (uid i Ai)ni=1 and 1 otherwiseWe can bound the difference between Game 3 and Game2 using a reduction B from the q-SDH assumption For thereduction we use the following lemma

Lemma 1 For all adversaries B running in time tprime B aimsto win in the experiment as described in Fig 4 (ie Exp1(B)outputs 1) Then Brsquos advantage Adv1(tprime n) is bounded by(qv+1)AdvSDH

G (O(tprime+n2texp) n+1) where qv is the numberof queries to the Check(γ middot middot) oracle

Proof for Lemma 1 If there exists an adversary B that makesqv queries to Check and makes Exp1 output 1 with probabilityε then we can construct an algorithm BSDH that breaks the

Experiment Exp1(B)

(m1 mn state)larr B(1λ)

γ$larr Zlowastp w larr gγ For each i isin [n] Ai larr g1(γ+mi)

(mlowast Alowast)larr BCheck(γmiddotmiddot)(state g w Aini=1)

If Alowast = g1(γ+mlowast) and (mlowast Alowast) isin (mi Ai)ni=1then return 1 Otherwise return 0Check(γmA) return 1 if A = g1(γ+m) and 0 otherwise

Fig 4 Experiment for Lemma 1

q-SDH assumption with probability ε(qv + 1) by interactingwith B as followsGiven a q-SDH instance (g gγ gγ

n

) isin (Glowast)n+1 for someunknown γ isin Zlowastp BSDH aims to output a (mlowast g1(γ+mlowast))for some mlowast isin Zpminusγ First BSDH picks ilowast from [qv + 1]uniformly at random andbull If 1 le ilowast le qv BSDH takes ilowast as the guess for the first time

that a fresh and valid (mlowast Alowast) pair appears for Checkbull Otherwise (ie ilowast = qv + 1) BSDH considers the first fresh

and valid pair appears in the output of BGiven mini=1 we define f(x) = Πn

j=1(x+mj) = Σnj=0αjxj

and fi(x) = f(x)(x + mi) = Πnj=1j 6=i(x + mj) =

Πnminus1j=0 βijx

j for each i isin [n] Then using techniques by [16]BSDH can compute gprime = Πn

j=0(gγj

)αj = gf(γ) w =

Πn+1j=1 (gγ

j

)αjminus1 = gγf(γ) = (gprime)γ and Ai = Πnminus1j=0 (gγ

j

)βij =

gfi(γ) = gf(γ)(γ+mi) = (gprime)1(γ+mi) for each i isin [n]Next BSDH returns gprime w and Aini=1 to B and responds thei-th Check(γmprimei A

primei) query for B as follows

bull If i = ilowast BSDH sets (mA) = (mprimei Aprimei) and aborts

bull Otherwise BSDH returns 1 if (m primei Aprimei) = (mj Aj) for some

1 le j le n and 0 otherwiseIf BSDH does not abort B outputs (mlowast Alowast) and BSDH sets(mA) = (mlowast Alowast)If BSDH guesses correctly with probability 1(qv + 1) itssimulation is perfect and the tuple (mA) is fresh andvalid Thus we have m isin mini=1 since for any valid pair(m A) under gprime and γ A is uniquely determined by m Letf(x) = f prime(x)(x + m) + θ for some θ isin Zlowastp which is alsowritten as f prime(x) = Σnminus1

j=0 δjxj we have

A = (gprime)1(γ+m) = gf(γ)(γ+m) = gfprime(γ)+θ(γ+m)

Finally BSDH computes g1(γ+m) = (Agfprime(γ))1θ with

gfprime(γ) = Πnminus1

j=0 (gγj

)δj and outputs (m g1(γ+m)) as a solu-tion for the q-SDH problemBy Lemma 1 we can straightforwardly bound the differencebetween Game 3 and Game 2 using a reduction B1 against theexperiment in Fig 4 Specifically B1 executes just as in Game2 and interacts with A with the following exceptionsbull B1 outputs (uid1 uidn) in the experiment in Fig 4 and

then receives w and (uid i Ai)ni=1 B1 sets w as isp andsets Ai as the credential of user ibull For each VERIFY(uid primem σ) query if uid prime = uid when A

is computed with a witness a extracted by Ext algorithmB1 returns 1 if Check(γ uid A) = 1bull When B1 finds a username-credential pair (uidlowast Alowast)

such that Check(γ uidlowast Alowast) = 1 but (uidlowast Alowast) isin

8

(uid i Ai)ni=1 B1 outputs (uidlowast Alowast) as its forgeryIf the difference between Game 3 and Game 2 is not negli-gible B1 can output a forgery (uidlowast Alowast) with non-negligibleprobability Thus we have

Adv2(A) = Adv3(A)+(qv+1)AdvSDHG (O(tprime+n2texp) n+1)

Complete the proof for Case 1 If A did not reveal thepassword-wrapped credential of the target user with usernameuidlowast isin U we can bound the advantage of A in Game 3 usinga reduction B2 against the experiment in Fig 4 SpecificallyB2 executes just as in Game 3 and interacts with A with thefollowing exceptions

bull B2 picks ilowast $larr [n] as the guess that uidlowast = uidilowast whereuidlowast is output by A in its forgerybull B2 outputs uid iiisin[n]i6=ilowast in the experiment in Fig 4

and then receives (uid i Ai)iisin[n]i6=ilowast and sets Ai as thecredential of user i for each i isin [n] and i 6= ilowastbull For each VERIFY(uid primem σ) query when an element A is

computed with a witness a extracted by Ext for uid prime = uid B2 returns 1 if and only if Check(γ uid A) = 1bull When B2 finds a username-credential pair (uidlowast Alowast) such

that Check(γ uidlowast Alowast) = 1 and uidlowast = uid ilowast in someVERIFY query B2 outputs (uidlowast Alowast) as its forgery

If B2 guesses correctly with probability 1n B2 needs not tosimulate the password-wrapped credential of user ilowast and thesimulation of B2 is perfect Thus we have

Adv3(A) le n(qv + 1)AdvSDHG (O(tprime + n2texp) n)

Continue the proof for Case 2 If A has revealed thepassword-wrapped credential of the target user ilowast with user-name uidlowast isin U we continue the proof as follows

Game 4 This game is the same as Game 3 except forreplacing the credential Ai of user i with a random elementRi in Glowast for each i isin [n] setting [Ri]pwi

as the userirsquos password-wrapped credential instead of [Ai]pwi

and foreach VERIFY(uid im σ) query when A is computed with awitness a extracted by Ext return 1 if and only if A = RiWe can bound the difference between Game 4 and Game 3using a reduction from the q-DDHI assumption The reductionis done by a standard hybrid argument For every j isin [n]let Game (3 j) be the same as Game 3 except that settinga random Ri in Glowast as the credential of user i for each i isin[j] and using Ri to validate the authentication tokens in allVERIFY(uid i ) queries with uid i isin U It is easy to seethat Game (3 0) is the same as Game 3 and Game (3 n) is thesame as Game 4 If adversary A behaves differently betweenGame (3 j minus 1) and Game (3 j) for some j isin [n] we canconstruct an algorithm B3 breaking the q-DDHI assumptionFor the reduction we use the following lemma

Lemma 2 For all adversaries B running in time tprime B aimsto win in the experiment as described in Fig 5 (ie Exp2(B)outputs 1) Then the Brsquos advantage Adv2(tprime n) is bounded byAdvDDHI

G (O(tprime + n2texp) n+ 1)

Proof for Lemma 2 If there exists an adversary B that makesExp2 return 1 with probability ε we can construct an algorithmBDDHI that breaks the q-DDHI assumption with probabilityεminus np by interacting with B as followsGiven a q-DDHI instance (g gα gα

n

T ) isin (Glowast)n+2 forsome unknown α isin Zlowastp BDDHI aims to distinguish T = g1α

Experiment Exp2(B)

(m1 mnmlowast state)larr B(1λ)


Alowast0$larr Glowast Alowast1 larr g1(γ+mlowast)

bprime larr B(state g w Aini=1 Alowastb)

If b = bprime and mlowast isin mini=1 then return 1Otherwise return 0


with a random T isin G Given m1 mnmlowast BDDHI first

computes the tuple (g gγ gγq

) by the Binomial Theoremwhere γ = αminusmlowast Then it computes gprime = gf(γ) w = (gprime)γ

and Ai = (gprime)1(γ+mi) for each i isin [n] as in the proof forLemma 1 and returns gprime w and Aini=1 to B Nextbull If mlowast is equal to one of mini=1 BDDHI aborts We also

denote this event as abortbull Otherwise BDDHI computes gq(γ) = Πnminus1

j=0 (gγj

)δj andreturns σ = gq(γ)T θ to B as the challenge Alowastb where f(x) =q(x)(x+m) + θ for some θ 6= 0 and q(x) = Σnminus1

j=0 δjxj

Finally BDDHI returns the output of B as the solution of q-DDHI problemIf T = g1(α) then σ = gγgθ(γ+m) = gf(γ)(γ+m) =(gprime)1(γ+m) Otherwise T is uniformly distributed in Glowast andso is σ If BDDHI does not abort it succeeds if Exp2 returns1 The probability of abortion is Pr[abort] le np Thus wehave the bound claimed by Lemma 2By Lemma 2 we can straightforwardly bound the differencebetween Game 4 and Game 3 using a reduction B3 againstthe experiment in Fig 5 In particular B3 executes just as inGame 3 and interacts with A with the following exceptionsbull B3 outputs uid iiisin[n][j] and the challenge message uid j

before the setup phase and receives (uid i Ai)iisin[n][j] andsets Ai as the credential of user i for i isin [n][j] B3 alsoreceives a challenge credential X on message uid j BesidesB3 receives w and sets w as ispbull B3 sets X as the credential of user j and uses X to

validate the tokens in all VERIFY(uid j ) queries withthe extracted uid j bull B3 picks Ri

$larr Glowast and sets Ri as the credential of user ifor each i isin [j minus 1] B3 uses Ri to validate the tokens inall VERIFY (uidi ) queries with the extracted uid i fori isin [j minus 1]

If X is an authentication tag on message uidj B3 behavesexactly as in Game (3 j minus 1) If X is a random element inGlowast B3 behaves exactly as in Game (3 j) Thus we have

Adv3(A) = Adv4(A) + nAdvDDHIG (O(tprime + n2texp) n)

In Game 4 the credentials of all users are uniformly randomin Glowast Since HG is a random oracle [Ri]pwi = Ri middotHG(pwi)is random in group G for every i isin [n] Thus the only way forgetting a credential Ri is to mount online dictionary attacksvia VERIFY for each i isin [n] when the password of user i is notrevealed From the simulation-sound extractability of SPK weknow that A must recover Ri from [Ri]pwi

in order to forgean authentication token on (extracted) username uidlowast = uidifor any i isin [n] Therefore we obtain Adv4(A) le qv|D|

9

In the final game we bound the adversaryrsquos advantage byqv|D| This completes the proof

D Strong Authentication with PBC

Similar to digital signature schemes πPBC (as well asother PBC schemes) can be used as a strong authenticationmechanism as follows

1) The server chooses a challenge message m at randomand sends it to the user

2) The user generates an authentication token σ larrSign(uid pw [cre]pw m) and sends (uid σ) to the server

3) Upon receiving (uid σ) the server verifies the user bychecking whether Verify(γ uid m σ) = 1

A PBC authenticator can be implemented entirely withsoftware The user authenticates to server through ldquosome-thing possessedrdquo (ie the PBC authenticator) and ldquosomethingknownrdquo (ie the password) It provides superior security guar-antees than the other software authenticators in the setting thatthe authenticator is leaked by device stolenbroken as the latterare vulnerable to off-line attacks However in the setting wherethe attacker installs malware (eg key-logger) on the userrsquosdevice and obtains both the password and the credentials itmight not protect the user and additional mitigation is neededto prevent such key-logger attacks One possible mitigationis to use an anti-malware software such as IBMrsquos TrusteerRapport [7] which is available with PC android and IOS

In practice PBC authenticators can be implemented bythe operating system or browser via providing APIs whichcan be called by applications or also be implemented bymobile applications or browser extensions using commoncryptographic libraries alone

Compared with traditional authenticator for strong authen-tication PBC authenticator does not become another thing tobe remembered to carry as it can be implemented acrossdifferent devices (eg mobile phones and desktop computers)simultaneously to perform strong authentication Moreoverthe PBC authenticator can be stored on a cloud server forbackup which enables the user to fetch it on a new devicefor authentication in the case that the old device carryingthe authenticator is compromised or lost By contrast losingan authenticator for hardware-based mechanisms [45] [57][60] means losing all credentials bound to it The W3Crsquos webauthentication specification [60] suggests to register multiplecredentials for the same user as backup for authenticator lost

In PBC a user encrypts and decrypts its credentials withpasswords locally which means that it can change passwordsin an off-line manner by decrypting the wrapped credentialswith old passwords and then encrypting them with new onesNote that the server does not store a password-related file asusual the system also provides security against offline attacksin the event of server compromise (assuming that the attackerdoes not also compromise the password-wrapped credentials)

For practical security we suggest that the server shouldprotect γ with a secure hardware and should implement theIssue algorithm with a protection from being utilized as anoracle which enables an attacker to query credentials belongingto honest users Such protection can be implemented with

User

IdP

RP

(assertionπ

PK

)

User Authentication with PBC

nR(uid π

R )

Fig 6 The application of PBC for holder-of-key assertion

some common measures such as out-of-band devices To avoidonline attacks both the rate-limiting mechanisms in [31] thateffectively limits the number of failed authentication attemptsthat can be made on the userrsquos account and the relatedtechniques [31] reducing the likelihood that an attacker lockslegitimate users out by abusing the mechanism are applicableto PBC-based authentication systems

V APPLICATION OF PBC IN FEDERATED IDENTITY

In this section we show the applications of PBC schemesin federated identity systems where ΠPBC is taken as anexample We first present a trivial application of using PBCfor the authentication between user and IdP and then describehow PBC can be applied for holder-of-key assertions witha privacy-preserving option In the second application weprovide a technique to transform the designated-verifiability ofPBC scheme to publicly-verifiability with the help of an IdPsuch that the user can prove the possession of its credentialto any RP Furthermore to meet the requirement of privacy-preserving scenarios such as the user login at RPs withpseudonyms allocated by the IdP our application also supportsan option that the user prove the possession of key for theholder-of-key assertion in a privacy-preserving way

For simplicity our description only presents the details thatare related to the application of PBC and can be adopted byvarious federation systems implementing either modes such asOpenID Connect [51] OAuth 20 [33] [36] and SAML2 [46][39] Based on a PBC scheme PBC = (SetupKeyGen IssueSignVerify) the applications are described as follows

A Application for user-IdP authentication

Setup The IdP chooses the public parameters pp from apublicly-trusted source such as a standard generates the secretkey γ and public parameter w via executing KeyGen Then itpublishes pp and w

10

Registration The user interacts with IdP via executing theinteractive protocol Issue(skReg) (uid pw) and stores thepassword-wrapped credential [cre]pw to a preferred storage

Authentication In common federated identity systems theuser first visits RP and is then redirected to the IdP forauthentication

1) The IdP generates a challenge nI$larr 0 1λ and sends nI

to the user as a challenge2) Upon receiving nI the user generates the authentication

token σI = (T πT ) via Sign(uid pw [cre]pw nI ) andsends (uid σI ) to the IdP

3) The IdP verifies the userrsquos authentication token σI bychecking Verify(γ uid nI σI ) = 1 and continues theprotocol flow of identity federation if the check passes

B Application for holder-of-key assertion

The authentication token σ = (T πT ) of ΠPBC presented insection IV-B is a signature proof of knowledge

πT larr SPK (a) ga = PK (m) for PK = T γ+uid

which can only be checked by the designated verifier (ie IdP)with the knowledge of γ For a verifier who does not hold γ(eg RP) it needs the value of PK and the knowledge thatPK is generated correctly in the form T γ+uid for an unknownγ Thus we let IdP to provide PK with a proof of knowledgethat proves the validity of PK

In this application the Setup and Registration phases arethe same as in the application presented in Section V-A Wepresent the Authentication phase as follows (Also see Fig 6)

1) The user authenticates to the IdP first where an ephemeralprivate-key a

$larr Zlowastp is chosen and used in the Signalgorithm a is kept for further usage

2) If IdP authenticates the user successfully with an authen-tication token σI = (T πT ) it generates a holder-of-keyassertion assertion In this step we provide two options asfollowsa) (The privacy-preserving option) When the privacy

of user is required to be protected the IdP calcu-lates PK = T γ puts (T PK ) in assertion and signsassertion with a proof of knowledge that logT (PK ) isequal to that of γ

π ˜PK = SPKprime(γ) w = gγ and PK = T γ(middot)

b) Otherwise the IdP calculates PK = T γ+uid and puts(TPK ) in assertion Then it signs assertion with asignature proof of knowledge that the discrete logarithmof logT (Tminusuid middot PK ) is equal to γ

πPK = SPKprime

(γ) w = gγ and Tminusuid middot PK = T γ

(middot)

Next assertion and πPK (or πPK ) are presented to theRP via either the front-channel or back-channel modes Inthe front channel mode assertion and πPK (or πPK ) aretransferred to the RP via the user As for the back-channelmode only a reference to assertion (eg an authorizationcode) is transmitted to the RP via user Then the RPredeems assertion and πPK by sending the reference to the

IdP Upon receiving the reference and checks its validitythe IdP responds with assertion and πPK (or πPK )

3) Upon receiving assertion and πPK (or πPK ) the RPrequests the user to prove the possession of key corre-sponding to PK (or PK ) by sending a random challengenR

$larr 0 1λ4) The user generates a proof-of-possession of the ephemeral

private-key a wrt to the ephemeral public-key PK whichalso includes two optionsa) (The privacy-preserving option) For this option it

calculates a privacy-preserving authentication tokenπR larr SPKprimeprime(a uid) Tminusuid middot ga = PK(nR) andsends πR to the RP

b) Otherwise it calculates πR larr SPK(a) ga =PK(nR) and sends (uid πR) to the RP

5) The RP checks the validity of assertion as well as the userrsquosproof-of-possession of key as followsa) (The privacy-preserving option) For this option the

RP first checks the validity of πPK with w T andPK then checks πR with T and PK and accepts ifall checks pass

b) Otherwise the RP checks πPK and use PK and uidto verify πR

Instantiation of SPKprime Here based on the Chaum-Pedersenprotocol [26] and Fiat-Shamir heuristic [28] SPKprime can beinstantiated as follows for a cryptographic hash functionH prime 0 1lowast rarr Zp

Prove The algorithm picks r $larr Zp and computes R1 larr T r

and R2 larr gr Then it computes s larr r + c middot γ mod pwhere c larr H prime

(g T w Tminusuid middot PK R1 R2

) Finally it

outputs a proof πPK larr (c s)Verify Given a tuple (g T w PK) a proof πPK = (c s)

compute Rprime1 larr T s middot (Tminusuid middotPK )minusc and Rprime2 larr gs middot wminuscand then calculate cprime larr H prime(g T w Tminusuid middotPK Rprime1 Rprime2)Output 1 if cprime = c and 0 otherwise

Instantiation of SPKprimeprime SPKprimeprime can also be instantiated witha cryptographic hash function H primeprime 0 1lowast rarr Zp as

Prove Pick r1 r2$larr Zp and compute R larr Tminusr1 middot gr2

Then compute clarr H primeprime(g TRm) s1 larr r1 + c middot uidmod p and s2 larr r2 + c middot a mod p Finally output πprimeT larr(c s1 s2)

Verify Given a tuple (g T γ) and proof πprimeT = (c s1 s2)compute Rprime larr Tminus(s1+cmiddotγ) mod p middot gs2 and calculatecprime larr H primeprime(g TRprimem) Finally output 1 if cprime = c and 0otherwise

As we stated in Section IV-B SPK could be instantiatedwith standardized signature algorithms (eg ISOIEC 14888-3 [5]) where a is used as the private key and PK is usedas the public key which means that the user could proveits possession of the key a with RP in various mannersFurthermore the application of PBC in federated identitysystems does not require the user to store a since each ais only used in one session

We note that this application does not impact the securityof PBC against offline attack even if the authentication tokens

11

have been converted to be publicly-verifiable Each time whenthe user tries to perform the transform for an authenticationtoken σ it must authenticate to the IdP Thus the request fromattacker can be detected and blocked

VI PERFORMANCE EVALUATION

In this section we evaluate the performances of the primi-tive proposed in Section IV-B as a strong authentication mech-anism as well as its application for holder-of-key assertionsas described in Section V-B Our implementations take placeat the security level of 128-bits where the secp256r1 [1]curve is adopted as the underlying public parameter pp Thehash algorithms (ie H H prime H primeprime and HG) are instantiated bySHA-256 with different prefixes

A Implementations

Strong Authentication Mechanism To simulate the practicalscenario where PBC is adopted for strong authentication overthe Internet we implement ΠPBC in a multi-platform mannerIn particular we develop the Sign algorithm in JavaScript asan implementation of PBC software authenticator where sjcl102 is used as the underlying cryptographic library Thiscorresponds to a wide range of application scenarios wherethe user authenticates to the server through web and mobileplatforms The Verify algorithm is developed in Java whichcorresponds to the practical scenario that the server serves itsclients via the Java-based website frameworks (eg the SpringFramework) and uses Bouncy Castle 160 as the underlyinglibrary of cryptographic primitives

To be more specific the implementation of Sign algorithmis encapsulated in a browser extension for Chrome and theVerify algorithm is integrated into a demo website We notethat this is not the only way to deploy the PBC based strongauthentication mechanism in practice The Sign algorithmcould also be implemented as application for mobile platformor be integrated into the operation systems and browsers asa compliant authenticator and the Verify algorithm couldbe implemented in various programming languages such asPython and Go and employed by servers of different architec-tures In a concrete authentication process the user first visitsthe demo server with its browser and receives a challengemessage embedded in a HTTP page Then it uses the browserextension to read the challenge from the page and calculatesthe authentication token by providing its username passwordand password-wrapped credential to the extension Next theextension writes the authentication token as an element at thepage which triggers the webpage to send the token and theuserrsquos username back to the server Finally the server verifiesthe token via the Verify algorithm

Holder-of-Key Assertion Mechanism The application ofPBC in federated identity systems (see Section V) could bedivided into three parts including

1) The user authenticates to the IdP2) The IdP issues a holder-of-key assertion and signs it with

SPKprime and the RP verifies the signature over assertion byexecuting VerifySPKprime We denote this part as HoKA

3) The user proves its possession of secret key a to the RPWe denote this part as PoPK

Since the implementation of the first part have been developedas a strong authentication mechanism the implementation ofholder-of-key assertion mechanism consists of two parts

HoKA Part We develop an ldquoRPrdquo and an ldquoIdPrdquo as two Javaapplications which could interact with each other During theinteraction the ldquoIdPrdquo calculates PK for a given T issuesan assertion including PK and T with the format definedin SAML2 [46] signs it with SPKprime and sends the assertionand signature to the ldquoRPrdquo Upon receiving the assertion andsignature the ldquoRPrdquo obtains PK and T and verifies thesignature with VerifySPKprime PoPK Part The user end operation is also performed with aJavaScript implementation as in the case of strong authentica-tion and interacts with a prototype of ldquoRPrdquo which performsthe verification

B Performance Evaluation and Comparison with ECDSA

The performances of the PBC based schemes are shownin Table I where AUTH denotes the strong authenticationmechanism HoKA denotes the process of signing and ver-ifying of Holder-of-Key Assertions and PoPK denotes theProof-of-Possession of Key between the user and RP Wealso use PoPK-PBCprime and HoKA-PBCprime to refer to the privacy-preserving option for the holder-of-key assertion mechanismFor comparison we also develop the strong authentica-tion mechanism and holder-of-key assertion mechanism withECDSA To be more specific we implement the user endcomputation of strong authentication and proof-of-possessionof key with ECDSA by employing a tamper-resistant hard-ware module embedded in a USB device that is the AtmelAT88CK590 evaluation kit The kit is equipped with anAtmel ECC508A chip which could perform ECDSA signingoperations and protect the private keys We write a Chromeapplication in JavaScript to interact with the device For theholder-of-key assertion mechanism with ECDSA we imple-ment the corresponding ldquoIdPrdquo and ldquoRPrdquo in the same way asPBC where the ldquoIdPrdquo signs an assertion with ECDSA and theldquoRPrdquo verifies the signature We do not employ the hardwaremodule in the latter implementation since it does not includeuser end operation

Column 1 and 2 show the time breakdown by tokenasser-tion generation and tokenassertion verification

bull For AUTH-PBCECDSA token generation refers to thecalculation of authentication token and token verificationrefers to checking of an authentication tokenbull For HoKA-PBCPBCprimeECDSA assertion generation refers

to the process of calculating PK and signing the assertionand assertion verification refer to the validation of thesignature over assertionbull For PoPK-PBCPBCprimeECDSA token generation refers to

the signing of nR with the ephemeral private key a andtoken verification refers to the verification of the signaturewith PK

The results for AUTH-PBCPBCprimeECDSA are measured withthe Chrome developer tool and Java nanotime function andare the average of 100 runs The comparison result showsthat the time cost for verifying PBC tokens is almost thesame as verifying ECDSA signatures but the generation of

12

tokenassertion tokenassertionLAN

WANgeneration verification 30ms 60ms 90ms 120ms

AUTH-ECDSA 2724daggerlowast 11 3001daggerlowast (415) 3424daggerlowast (243) 3762daggerlowast (387) 3901daggerlowast (589) 4323daggerlowast (542)

AUTH-PBC 1875dagger 10 1924dagger (281) 2249dagger (423) 2506dagger (417) 2843dagger (372) 3195dagger (593)

PoPK-ECDSA 2711daggerlowast 11 3054daggerlowast (554) 3343daggerlowast (430) 3708daggerlowast (278) 4006daggerlowast (164) 4253daggerlowast (478)

PoPK-PBC 1006dagger 10 1250dagger (469) 1497dagger (404) 1888dagger (529) 2190dagger (494) 2502dagger (559)

PoPK-PBCprime1673dagger 10 1905dagger (346) 2237dagger (570) 2452dagger (341) 2811dagger (517) 3142dagger (492)

HoKA-ECDSA 07 10 33 (024) 347 (133) 652 (162) 939 (182) 1245 (190)

HoKA-PBC 21 24 51 (059) 383 (097) 694 (102) 987 (145) 1290 (143)

HoKA-PBCprime 20 19 50 (098) 372 063 688 (175) 984 (167) 1271 (123)

TABLE I The comparison between the runtimes (in milliseconds) of PBC and ECDSA when being used as strong authenticationmechanisms or applied in federated identity systems for LAN and WAN In the cases where the results are calculated with theaverage of several runs their standard derivations are presented in brackets dagger denotes that the algorithm or user end computationis implemented by JavaScript denotes that this implementation employs a tamper-resistant hardware module at user end ByPoPK-PBCprime and HoKA-PBCprime we refer to the privacy-preserving option of PBC-based holder-of-key mechanism

PBC token is faster than signing with ECDSA for about100ms The result for HoKA-PBCPBCprimeECDSA are alsomeasured with the average of 100 runs which shows that thePBC based mechanism is slightly slower than the mechanismwith ECDSA with difference limited in 2ms For PoPK-PBCPBCprimeECDSA the advantage of PBC based scheme ismore obvious since the user end implementation only signsthe challenge with a and does not have to repeat the processof decryption and randomizing the credential

Column 3-7 of Table I present the average time costs whenbeing tested over Local Area Network (LAN) and Wide AreaNetwork (WAN) where each result takes the average of 10runs In the LAN setting the implementations are connectedvia an 1Gbps network with ping time less than 1 ms Inthe WAN setting for AUTHPoPK-PBCPBCprimeECDSA weemploy several VPN servers to ldquofixrdquo the latency between theimplementations where all the network latencies are measuredwith the ping command We note that due to the instabilityof Internet the latency can not be truly fixed to a constantvalue In our experiment each result is measured with rela-tively stable latency within plusmn 5ms In the WAN setting forHoKA-PBCPBCprimeECDSA we adopt Liunx tc command tocontrol the network latency The results for AUTHPoPK-PBCPBCprimeECDSA are measured via Chrome developer toolfrom when the user begins to calculate the token to whenthe browser receives the authentication success response fromserver or ldquoRPrdquo It shows that the strong authentication (respproof-of-possession of key) with PBC obtains better efficiencythan with ECDSA while being used on web by saving 26-36 (resp 41-55) time since the user end calculationcould be performed by software When the privacy-preservingoption is used the proof-of-possession of key process saves30-38 time The results for HoKA-PBCPBCprimeECDSA aremeasured from when the ldquoIdPrdquo begins to issue the assertion(ie calculates PK ) to when it receives a response from theldquoRPrdquo which means the check has completed In this scenariothe PBC based scheme is a bit slower than ECDSA Howeverit is still acceptable since it only takes more time from 103xto 110x and the slowdown is relatively small compared to thelatency raised by network and user end computation

Experiment Environment The results in Table I are obtainedwith a workstation and a desktop computer For AUTHPoPK-

ECDSAPBC the user end implementation is run on a desktopcomputer which has an Intel Core i5-3470 processor with 4cores running at 32 Ghz each The underlying OS is Windows10 Enterprise Edition The implementation of server (or ldquoRPrdquo)is run by a Lenovo X3650 workstation which has an IntelXeon E5-2640 v3 processor with 8 cores running at 260 Ghzeach and runs the operating system of CentOS 7 For HoKA-ECDSAPBC both ldquoIdPrdquo and ldquoRPrdquo are run by the workstationas applications which are run by different cores

VII CONCLUSION

In this paper we propose a strong authentication mecha-nism which does not rely on tamper-resistant hardware mod-ules at user end from a new primitive called Password-BasedCredential (PBC) and show its application in federated identitysystems We also present ΠPBC as an efficient construction ofPBC and evaluates its performances The evaluation resultshows that the schemes with PBC also obtain better efficiencythan the traditional strong authentication mechanisms withtamper-resistant hardware modules As future work we planto develop our PBC based schemes in real-world applicationscenarios It can be expected that our schemes help organiza-tions and enterprises to provide their users with friendly andstrong authentication experiences in the future

ACKNOWLEDGMENT

The authors would like to thank the anonymous reviewersof NDSS 2020 and Jeremiah Blocki for their helpful com-ments and suggestions This work is supported by the Na-tional Key Research and Development Program of China (No2017YFB0802500 2017YFB0802000) and the National Nat-ural Science Foundation of China (No 61728208 U153620561802376 and 61802021)

REFERENCES

[1] ldquoSEC 2 Recommended Elliptic Curve Domain Parameters version 20rdquoCerticom Research Standards for Efficient Cryptography July 2010

[2] ldquoiCloud Data Breach Hacking And Celebrity Photosrdquohttpswwwforbescomsitesdavelewis20140902icloud-data-breach-hacking-and-nude-celebrity-photos September 2014

[3] ldquoLook What I Found Pony is After Your Coinsrdquohttpswwwtrustwavecomen-usresourcesblogsspiderlabs-bloglook-what-i-found-pony-is-after-your-coins February 2014

13

[4] ldquoLost electronic devices can lead to data breachesrdquohttpswwwazcentralcomstorymoneybusinesstech20150930lost-electronic-devices-data-breaches73058138 September 2015

[5] ldquoISOIEC 14888-3 2018 IT Security techniques ndash Digital signatureswith appendix ndash Part 3 Discrete logarithm based mechanismsrdquo ISOIECInternational Standards November 2018

[6] ldquoCreating a SAML holder-of-key token using the APIrdquo httpswwwibmcomsupportknowledgecenterenSSAW57 855comibmwebspherendmultiplatformdocaetwbs createholderofkeytokenhtmlMarch 2019

[7] ldquoBM Trusteer Rapport - Helps financial institutions detect and preventmalware infections and phishing attacks maximizing protection for theircustomersrdquo httpswwwibmcomus-enmarketplacephishing-and-malware-protection December 2019

[8] ldquoSign in with Apple - the fast easy way to sign in to apps and websitesrdquohttpsdeveloperapplecomsign-in-with-apple August 2019

[9] M Abdalla F Benhamouda and P MacKenzie ldquoSecurity of the J-PAKE password-authenticated key exchange protocolrdquo in 2015 IEEESymposium on Security and Privacy SP 2015 San Jose CA USA May17-21 2015 pp 571ndash587

[10] D Baghdasaryan R Sasson B Hill J Hodges and K Yang ldquoFIDOUAF Authenticator Comandsrdquo FIDO Alliance 2017

[11] A Barki S Brunet N Desmoulins and J Traore ldquoImproved alge-braic macs and practical keyed-verification anonymous credentialsrdquo inSelected Areas in Cryptography - SAC 2016 2016 pp 360ndash380

[12] M Bellare D Pointcheval and P Rogaway ldquoAuthenticated key ex-change secure against dictionary attacksrdquo in Advances in Cryptology- EUROCRYPT 2000 International Conference on the Theory andApplication of Cryptographic Techniques Bruges Belgium May 14-182000 Proceedings pp 139ndash155

[13] M Bellare and P Rogaway ldquoRandom oracles are practical A paradigmfor designing efficient protocolsrdquo in Proceedings of the 1st ACM Con-ference on Computer and Communications Security CCSrsquo93 FairfaxVirginia USA November 3-5 1993 pp 62ndash73

[14] mdashmdash ldquoThe AuthA Protocol for PasswordBased Authenticated KeyExchangerdquo Contribution to IEEE P1363 2000

[15] D Boneh and X Boyen ldquoSecure identity based encryption without ran-dom oraclesrdquo in Advances in Cryptology - CRYPTO 2004 24th AnnualInternational Cryptology Conference Santa Barbara California USAAugust 15-19 2004 Proceedings pp 443ndash459

[16] mdashmdash ldquoShort signatures without random oraclesrdquo in Advances in Cryp-tology - EUROCRYPT 2004 International Conference on the Theoryand Applications of Cryptographic Techniques Interlaken SwitzerlandMay 2-6 2004 Proceedings pp 56ndash73

[17] J Bonneau C Herley P C van Oorschot and F Stajano ldquoThe questto replace passwords A framework for comparative evaluation of webauthentication schemesrdquo in IEEE Symposium on Security and PrivacySampP 2012 21-23 May 2012 San Francisco California USA pp 553ndash567

[18] H Brekalo R Strackx and F Piessens ldquoMitigating password databasebreaches with intel SGXrdquo in Proceedings of the 1st Workshop on SystemSoftware for Trusted Execution SysTEXMiddleware 2016 TrentoItaly December 12 2016 pp 11ndash16

[19] J Camenisch M Drijvers and M Dubovitskaya ldquoPractical uc-secure delegatable credentials with attributes and their application toblockchainrdquo in Proceedings of the 2017 ACM SIGSAC Conference onComputer and Communications Security CCS 2017 2017 pp 683ndash699

[20] J Camenisch A Lehmann G Neven and K Samelin ldquoVirtual smartcards How to sign with a password and a serverrdquo in Security andCryptography for Networks - 10th International Conference SCN 20162016 pp 353ndash371

[21] J Camenisch and M Stadler ldquoEfficient group signature schemes forlarge groups (extended abstract)rdquo in Advances in Cryptology - CRYPTOrsquo97 17th Annual International Cryptology Conference Santa BarbaraCalifornia USA August 17-21 1997 Proceedings pp 410ndash424

[22] P Chaidos and G Couteau ldquoEfficient designated-verifier non-interactivezero-knowledge proofs of knowledgerdquo in Advances in Cryptology -EUROCRYPT 2018 - 37th Annual International Conference on theTheory and Applications of Cryptographic Techniques Tel Aviv Israel2018 pp 193ndash221

[23] M Chase and A Lysyanskaya ldquoOn signatures of knowledgerdquo inAdvances in Cryptology - CRYPTO 2006 26th Annual InternationalCryptology Conference Santa Barbara California USA August 20-24 2006 Proceedings pp 78ndash96

[24] M Chase S Meiklejohn and G Zaverucha ldquoAlgebraic macs andkeyed-verification anonymous credentialsrdquo in Proceedings of the 2014ACM SIGSAC Conference on Computer and Communications SecurityCCS 2014 Scottsdale AZ USA November 3-7 2014 pp 1205ndash1216

[25] D Chaum and H V Antwerpen ldquoUndeniable signaturesrdquo in Advancesin Cryptology - CRYPTO rsquo89 9th Annual International CryptologyConference Santa Barbara California USA August 20-24 1989Proceedings pp 212ndash216

[26] D Chaum and T P Pedersen ldquoWallet databases with observersrdquo inAdvances in Cryptology - CRYPTO rsquo92 12th Annual InternationalCryptology Conference Santa Barbara California USA August 16-201992 Proceedings pp 89ndash105

[27] A Everspaugh R Chatterjee S Scott A Juels and T Ristenpart ldquoThepythia PRF servicerdquo in 24th USENIX Security Symposium USENIXSecurity 2015 Washington DC USA August 12-14 2015 pp 547ndash562

[28] A Fiat and A Shamir ldquoHow to prove yourself Practical solutionsto identification and signature problemsrdquo in Advances in Cryptology -CRYPTO rsquo86 Santa Barbara California USA 1986 Proceedings pp186ndash194

[29] V Galindo R Lindemann U Martini C Edwards and J HodgesldquoFIDO UAF APDUrdquo FIDO Alliance 2017

[30] S Goldwasser S Micali and R L Rivest ldquoA digital signature schemesecure against adaptive chosen-message attacksrdquo SIAM J Computvol 17 no 2 pp 281ndash308 1988

[31] P Grassi M Garcia and J Fenton ldquoNIST Special Publication 800-63-3 Digital Identity Guidelinesrdquo National Institute of Standards andTechnology 2017

[32] J Groth ldquoSimulation-sound NIZK proofs for a practical languageand constant size group signaturesrdquo in Advances in Cryptology -ASIACRYPT 2006 12th International Conference on the Theory andApplication of Cryptology and Information Security Shanghai ChinaDecember 3-7 2006 Proceedings pp 444ndash459

[33] D Hardt ldquoThe OAuth 20 Authorization Frameworkrdquo RFC 6749 2012

[34] M Jakobsson K Sako and R Impagliazzo ldquoDesignated verifier proofsand their applicationsrdquo in Advances in Cryptology - EUROCRYPT rsquo96International Conference on the Theory and Application of Crypto-graphic Techniques Saragossa Spain May 12-16 1996 Proceedingpp 143ndash154

[35] S Jarecki H Krawczyk M Shirvanian and N Saxena ldquoTwo-factorauthentication with end-to-end password securityrdquo in Public-Key Cryp-tography - PKC 2018 - 21st IACR International Conference on Practiceand Theory of Public-Key Cryptography Rio de Janeiro Brazil March25-29 2018 Proceedings Part II pp 431ndash461

[36] M Jones J Bradley and H Tschofenig ldquoProof-of-Possession KeySemantics for JSON Web Tokens (JWTs)rdquo RFC 7800 2016

[37] M Jones ldquoThe Increasing Importance of Proof-of-Possession to theWebrdquo httpswwww3org2012webcryptowebcrypto-next-workshoppaperswebcrypto2014 submission 8pdf Tech Rep 2014

[38] A J Menezes P C Van Oorschot and S A Vanstone Handbook ofapplied cryptography CRC press

[39] N Klingenstein and S Tom ldquoSAML V20 Holder-of-Key Web BrowserSSO Profile Version 10rdquo 2010

[40] D Kogan N Manohar and D Boneh ldquoTkey Second-factor authen-tication from secure hash chainsrdquo in Proceedings of the 2017 ACMSIGSAC Conference on Computer and Communications Security CCS2017 Dallas TX USA October 30 - November 03 2017 pp 983ndash999

[41] K Krawiecka A Paverd and N Asokan ldquoProtecting passworddatabases using trusted hardwarerdquo in Proceedings of the 1st Workshopon System Software for Trusted Execution SysTEXMiddleware 2016Trento Italy December 12 2016 pp 91ndash96

[42] R W F Lai C Egger D Schroder and S S M Chow ldquoPhoenix Re-birth of a cryptographic password-hardening servicerdquo in 26th USENIXSecurity Symposium USENIX Security 2017 Vancouver BC CanadaAugust 16-18 2017 pp 899ndash916

14

[43] N Leoutsarakos ldquoWhatrsquos wrong with FIDOrdquo httpswebarchiveorgweb20180816202011httpwwwzeropasswordscompdfsWHATisWRONG FIDOpdf May 2015

[44] R Lindemann and J Kemp ldquoFIDO UAF Authenticator-Specific ModuleAPIrdquo FIDO Alliance 2017

[45] R Lindemann and E Tiffany ldquoFIDO UAF Protocol SpecificationrdquoFIDO Alliance 2017

[46] H Lockhart and C Brian ldquoSecurity Assertion Markup Language(SAML) v20 Technical Overviewrdquo OASIS 2008

[47] S Mare M Baker and J Gummeson ldquoA study of authentication indaily liferdquo in Twelfth Symposium on Usable Privacy and SecuritySOUPS 2016 2016 pp 189ndash206

[48] A Mayer V Mladenov and J Schwenk ldquoOn the security of holder-of-key single sign-onrdquo in Sicherheit 2014 Sicherheit Schutz und Zu-verlassigkeit Beitrage der 7 Jahrestagung des Fachbereichs Sicherheitder Gesellschaft fur Informatik eV (GI) 2014 pp 65ndash77

[49] D Pointcheval and J Stern ldquoSecurity arguments for digital signaturesand blind signaturesrdquo J Cryptology vol 13 no 3 pp 361ndash396 2000

[50] S Saeednia S Kremer and O Markowitch ldquoAn efficient strongdesignated verifier signature schemerdquo in Information Security andCryptology - ICISC 2003 6th International Conference Seoul KoreaNovember 27-28 2003 Revised Papers pp 40ndash54

[51] N Sakimura J Bradley M B Jones B de Medeiros and C Mor-timore ldquoOpenID Connect Core 10 incorporating errata set 1rdquo TheOpenID Foundation 2017

[52] J Schneider N Fleischhacker D Schroder and M Backes ldquoEfficientcryptographic password hardening services from partially obliviouscommitmentsrdquo in Proceedings of the 2016 ACM SIGSAC Conferenceon Computer and ommunications Security CCS 2016 Vienna AustriaOctober 24-28 2016 pp 1192ndash1203

[53] C Schnorr ldquoSecurity of blind discrete log signatures against interactiveattacksrdquo in Information and Communications Security Third Interna-tional Conference ICICS 2001 Xian China November 13-16 2001pp 1ndash12

[54] mdashmdash ldquoEfficient signature generation by smart cardsrdquo J Cryptologyvol 4 no 3 pp 161ndash174 1991

[55] V Shoup ldquoLower bounds for discrete logarithms and related problemsrdquoin Advances in Cryptology - EUROCRYPT rsquo97 International Con-ference on the Theory and Application of Cryptographic TechniquesKonstanz Germany May 11-15 1997 Proceeding pp 256ndash266

[56] N P Smart ldquoThe exact security of ECIES in the generic groupmodelrdquo in Cryptography and Coding 8th IMA International Confer-ence Cirencester UK December 17-19 2001 Proceedings pp 73ndash84

[57] S Srinivas D Balfanz E Tiffany and A Czeskis ldquoUniversal 2ndFactor(U2F) Overviewrdquo FIDO Alliance 2017

[58] ldquoTPM 20 Library Specificationrdquo httpstrustedcomputinggrouporgresourcetpm-library-specification Trusted Computing Group 2013

[59] M View J Rydell M Pei and S Machani ldquoTOTP Time-Based One-Time Password Algorithmrdquo RFC 6238 2011

[60] W3C Web Authentication Working Group ldquoWeb Authentication AnAPI for accessing Public Key Credentials - Level 1rdquo March 2018

[61] Z Zhang K Yang X Hu and Y Wang ldquoPractical anonymous pass-word authentication and TLS with anonymous client authenticationrdquo inProceedings of the 2016 ACM SIGSAC Conference on Computer andCommunications Security CCS 2016 Vienna Austria October 24-282016 pp 1179ndash1191

15

Introduction

Our Contributions

Technical Overview

Related Work

Preliminaries

Cryptographic Assumptions

Non-Interactive Zero-Knowledge Proofs

Password-Based Credential

Syntax of PBC

Security Definition of PBC

A Practical Construction of PBC

High Level Description

The Detailed Construction

Security Proof

Strong Authentication with PBC

Application of PBC in Federated Identity

Application for user-IdP authentication

Application for holder-of-key assertion

Performance Evaluation

Implementations

Performance Evaluation and Comparison with ECDSA

Conclusion

References

[cre]pw

m

σ

cre prime larr Dec(pw prime [cre]pw ) check MAC(cre primem) = σ

Fig 1 Off-line attack for strong authentication with symmetriccrypto where cre is a symmetric key and user authenticatesthrough MAC values (ie σ larr MAC(crem))

m

(σ cert)

[cre]pw

cre prime larr Dec(pw prime [cre]pw ) pk larr certcheck VerifyKey(pk cre prime) = 1

Fig 2 Off-line attack for strong authentication with asymmet-ric crypto where cre is a private key and the user authenticateswith digital signatures (ie σ larr Sign(crem)) and cert is acertificate wrt the userrsquos public key pk and private key cre

cre prime and then determine the correctness of guess by usingcre prime to check the validity of σ (See Fig 1)

bull If σ can be verified publicly (in the case of asymmetriccrypto) then off-line attacks are also feasible One candetermine the correctness of pwprime via extracting the publickey pk from cert which is contained in the authenticationtokens and then checking whether (pk cre prime) is a validpublic-private key pair (See Fig 2)

In practice these secrets are commonly stored with tamper-resistant hardware modules at user end Both the FIDO UAFprotocol [10] [29] [44] and W3Crsquos specification [60] highlyrecommend using tamper-resistant hardware modules (egSIM card and Trusted Platform Module (TPM)) for user endimplementation (ie FIDO authenticator) to protect the privatekeys and perform cryptographic operations

The employment of tamper-resistant hardware module de-creases the usability of strong authentication schemes as enduser authentication mechanisms which is also seen as oneof the major drawbacks of currently deployed strong authen-tication mechanisms [17] [47] [43] The module (ie thedevice it residents) becomes another thing to be rememberedto carry and the secret keys stored by such a module wouldbe permanently lost once the module is broken or lost

For federated identity systems assertions convey authen-tication and attribute information of users from Identity

Providers (IdPs) to separately-administered Relying Parties(RPs) They can be presented directly to the RP or beforwarded through the user Upon receiving an assertion theRP uses the information contained to identify the user and tomake authorization decisions about its accesses to resourcescontrolled by the RP A bearer assertion can be presented byany party as proof of the bearerrsquos identity and may lead toimpersonation attacks if it is captured by attackers

To enhance the security guarantees provided by assertionsthe notion of holder-of-key assertion is introduced for manyfederation approaches (eg SAML2 [39] and OAuth20 [36])It prevents assertions from being abused by malicious RPsand guarantees that the user cannot repudiate for an assertionsent by him This technique has been adopted for commercialproducts such as Microsoftrsquos XBOX [37] and IBMrsquos Web-Sphere [6] and also utilized by the digital identity guidelinespublished by NIST [31] as a requirement for the highest levelof federation assurance Particularly a holder-of-key assertioncontains a reference to the key held by the user (eg publickey) To verify such an assertion the RP requires the userto cryptographically prove possession of the key (eg privatekey) that corresponds to the key reference presented in theassertion

Currently the holder-of-key assertion mechanisms aremainly implemented via certificates [39] [48] where the usermust send its X509 certificate and prove possession of thekey referred in the certificate However such mechanisms areinconvenient for end users due to the requirement of certifi-cate and also require tamper-resistant hardware to protect theprivate keys Moreover for federated identity systems whichemploy RP-specific pseudonyms to protect the privacy of users(eg Sign-in with Apple [8]) RPs can collude and link thesame user through the key used in holder-of-key assertionswhich breaks the un-linkability brought by pseudonyms Withcurrent technologies an IdP cannot both preserve the privacyof users and support holder-of-key assertions simultaneously

A Our Contributions

The main contribution of this paper is the first strongauthentication scheme which does not require tamper-resistanthardware modules to protect secrets at user end We further-more present its application with federated identity systemsto solve the issues of userrsquos privacy and reliance on tamper-resistant hardware in the current holder-of-key assertion mech-anisms Our scheme wraps (aka protects) credentials of usersby passwords and can be implemented on different devices(eg mobile phones and desktop computers) to support cross-terminal authentication but is resistant to phishing attacks andoffline dictionary attacks even in the case that the attackercan both obtain the password-wrapped credentials and see theauthentication tokens that the user sends to the server

Our contributions can be summarized as follows

bull We formalize the syntax of a new primitive called Password-Based Credential (PBC) Informally the PBC scheme re-quires a user with identifier uid to register to a server andobtain a credential cre which is wrapped (ie encrypted)with a password pw The password-wrapped credential[cre]pw can be stored in a general-purpose device or a

2















C Related Work



3




II PRELIMINARIES





AdvSDHG

def= Pr[x


) = (c g1(x+c))]






AdvDDHIG

def=


q

g1x) = 1]minus



U) = 1]∣∣∣

lt negl(λ)








4




A Syntax of PBC




















5


















def= Pr[ExpEUF-CMVA



def= Pr[ExpEUF-CMVA


+ negl(λ)













6

















πT larr SPK

(a) ga = T γ+uid

(m)









C Security Proof





G (tprimeprime n))




G (tprimeprime n)


7















Experiment Exp1(B)







n






Πnminus1j=0 βijx


j=0(gγj

)αj = gf(γ) w =

Πn+1j=1 (gγ

j


j

)βij =






j=0 δjxj we have




j=0 (gγj





8

















n


Experiment Exp2(B)












j=0 (gγj


j=0 δjxj









9












User

IdP

RP

(assertionπ

PK

)


nR(uid π

R )








10


















πPK = SPKprime


(middot)















) Finally it









11




A Implementations
















12








HoKA-ECDSA 07 10 33 (024) 347 (133) 652 (162) 939 (182) 1245 (190)

HoKA-PBC 21 24 51 (059) 383 (097) 694 (102) 987 (145) 1290 (143)

HoKA-PBCprime 20 19 50 (098) 372 063 688 (175) 984 (167) 1271 (123)






VII CONCLUSION


ACKNOWLEDGMENT


REFERENCES




13








































14




















15

Introduction

Our Contributions

Technical Overview

Related Work

Preliminaries




Syntax of PBC





Security Proof






Implementations


Conclusion

References















C Related Work



3




II PRELIMINARIES





AdvSDHG

def= Pr[x


) = (c g1(x+c))]






AdvDDHIG

def=


q

g1x) = 1]minus



U) = 1]∣∣∣

lt negl(λ)








4




A Syntax of PBC




















5


















def= Pr[ExpEUF-CMVA



def= Pr[ExpEUF-CMVA


+ negl(λ)













6

















πT larr SPK

(a) ga = T γ+uid

(m)









C Security Proof





G (tprimeprime n))




G (tprimeprime n)


7















Experiment Exp1(B)







n






Πnminus1j=0 βijx


j=0(gγj

)αj = gf(γ) w =

Πn+1j=1 (gγ

j


j

)βij =






j=0 δjxj we have




j=0 (gγj





8

















n


Experiment Exp2(B)












j=0 (gγj


j=0 δjxj









9












User

IdP

RP

(assertionπ

PK

)


nR(uid π

R )








10


















πPK = SPKprime


(middot)















) Finally it









11




A Implementations
















12








HoKA-ECDSA 07 10 33 (024) 347 (133) 652 (162) 939 (182) 1245 (190)

HoKA-PBC 21 24 51 (059) 383 (097) 694 (102) 987 (145) 1290 (143)

HoKA-PBCprime 20 19 50 (098) 372 063 688 (175) 984 (167) 1271 (123)






VII CONCLUSION


ACKNOWLEDGMENT


REFERENCES




13








































14




















15

Introduction

Our Contributions

Technical Overview

Related Work

Preliminaries




Syntax of PBC





Security Proof






Implementations


Conclusion

References




II PRELIMINARIES





AdvSDHG

def= Pr[x


) = (c g1(x+c))]






AdvDDHIG

def=


q

g1x) = 1]minus



U) = 1]∣∣∣

lt negl(λ)








4




A Syntax of PBC




















5


















def= Pr[ExpEUF-CMVA



def= Pr[ExpEUF-CMVA


+ negl(λ)













6

















πT larr SPK

(a) ga = T γ+uid

(m)









C Security Proof





G (tprimeprime n))




G (tprimeprime n)


7















Experiment Exp1(B)







n






Πnminus1j=0 βijx


j=0(gγj

)αj = gf(γ) w =

Πn+1j=1 (gγ

j


j

)βij =






j=0 δjxj we have




j=0 (gγj





8

















n


Experiment Exp2(B)












j=0 (gγj


j=0 δjxj









9












User

IdP

RP

(assertionπ

PK

)


nR(uid π

R )








10


















πPK = SPKprime


(middot)















) Finally it









11




A Implementations
















12








HoKA-ECDSA 07 10 33 (024) 347 (133) 652 (162) 939 (182) 1245 (190)

HoKA-PBC 21 24 51 (059) 383 (097) 694 (102) 987 (145) 1290 (143)

HoKA-PBCprime 20 19 50 (098) 372 063 688 (175) 984 (167) 1271 (123)






VII CONCLUSION


ACKNOWLEDGMENT


REFERENCES




13








































14




















15

Introduction

Our Contributions

Technical Overview

Related Work

Preliminaries




Syntax of PBC





Security Proof






Implementations


Conclusion

References




A Syntax of PBC




















5


















def= Pr[ExpEUF-CMVA



def= Pr[ExpEUF-CMVA


+ negl(λ)













6

















πT larr SPK

(a) ga = T γ+uid

(m)









C Security Proof





G (tprimeprime n))




G (tprimeprime n)


7















Experiment Exp1(B)







n






Πnminus1j=0 βijx


j=0(gγj

)αj = gf(γ) w =

Πn+1j=1 (gγ

j


j

)βij =






j=0 δjxj we have




j=0 (gγj





8

















n


Experiment Exp2(B)












j=0 (gγj


j=0 δjxj









9












User

IdP

RP

(assertionπ

PK

)


nR(uid π

R )








10


















πPK = SPKprime


(middot)















) Finally it









11




A Implementations
















12








HoKA-ECDSA 07 10 33 (024) 347 (133) 652 (162) 939 (182) 1245 (190)

HoKA-PBC 21 24 51 (059) 383 (097) 694 (102) 987 (145) 1290 (143)

HoKA-PBCprime 20 19 50 (098) 372 063 688 (175) 984 (167) 1271 (123)






VII CONCLUSION


ACKNOWLEDGMENT


REFERENCES




13








































14




















15

Introduction

Our Contributions

Technical Overview

Related Work

Preliminaries




Syntax of PBC





Security Proof






Implementations


Conclusion

References


















def= Pr[ExpEUF-CMVA



def= Pr[ExpEUF-CMVA


+ negl(λ)













6

















πT larr SPK

(a) ga = T γ+uid

(m)









C Security Proof





G (tprimeprime n))




G (tprimeprime n)


7















Experiment Exp1(B)







n






Πnminus1j=0 βijx


j=0(gγj

)αj = gf(γ) w =

Πn+1j=1 (gγ

j


j

)βij =






j=0 δjxj we have




j=0 (gγj





8

















n


Experiment Exp2(B)












j=0 (gγj


j=0 δjxj









9












User

IdP

RP

(assertionπ

PK

)


nR(uid π

R )








10


















πPK = SPKprime


(middot)















) Finally it









11




A Implementations
















12








HoKA-ECDSA 07 10 33 (024) 347 (133) 652 (162) 939 (182) 1245 (190)

HoKA-PBC 21 24 51 (059) 383 (097) 694 (102) 987 (145) 1290 (143)

HoKA-PBCprime 20 19 50 (098) 372 063 688 (175) 984 (167) 1271 (123)






VII CONCLUSION


ACKNOWLEDGMENT


REFERENCES




13








































14




















15

Introduction

Our Contributions

Technical Overview

Related Work

Preliminaries




Syntax of PBC





Security Proof






Implementations


Conclusion

References

















πT larr SPK

(a) ga = T γ+uid

(m)









C Security Proof





G (tprimeprime n))




G (tprimeprime n)


7















Experiment Exp1(B)







n






Πnminus1j=0 βijx


j=0(gγj

)αj = gf(γ) w =

Πn+1j=1 (gγ

j


j

)βij =






j=0 δjxj we have




j=0 (gγj





8

















n


Experiment Exp2(B)












j=0 (gγj


j=0 δjxj









9












User

IdP

RP

(assertionπ

PK

)


nR(uid π

R )








10


















πPK = SPKprime


(middot)















) Finally it









11




A Implementations
















12








HoKA-ECDSA 07 10 33 (024) 347 (133) 652 (162) 939 (182) 1245 (190)

HoKA-PBC 21 24 51 (059) 383 (097) 694 (102) 987 (145) 1290 (143)

HoKA-PBCprime 20 19 50 (098) 372 063 688 (175) 984 (167) 1271 (123)






VII CONCLUSION


ACKNOWLEDGMENT


REFERENCES




13








































14




















15

Introduction

Our Contributions

Technical Overview

Related Work

Preliminaries




Syntax of PBC





Security Proof






Implementations


Conclusion

References















Experiment Exp1(B)







n






Πnminus1j=0 βijx


j=0(gγj

)αj = gf(γ) w =

Πn+1j=1 (gγ

j


j

)βij =






j=0 δjxj we have




j=0 (gγj





8

















n


Experiment Exp2(B)












j=0 (gγj


j=0 δjxj









9












User

IdP

RP

(assertionπ

PK

)


nR(uid π

R )








10


















πPK = SPKprime


(middot)















) Finally it









11




A Implementations
















12








HoKA-ECDSA 07 10 33 (024) 347 (133) 652 (162) 939 (182) 1245 (190)

HoKA-PBC 21 24 51 (059) 383 (097) 694 (102) 987 (145) 1290 (143)

HoKA-PBCprime 20 19 50 (098) 372 063 688 (175) 984 (167) 1271 (123)






VII CONCLUSION


ACKNOWLEDGMENT


REFERENCES




13








































14




















15

Introduction

Our Contributions

Technical Overview

Related Work

Preliminaries




Syntax of PBC





Security Proof






Implementations


Conclusion

References

















n


Experiment Exp2(B)












j=0 (gγj


j=0 δjxj









9












User

IdP

RP

(assertionπ

PK

)


nR(uid π

R )








10


















πPK = SPKprime


(middot)















) Finally it









11




A Implementations
















12








HoKA-ECDSA 07 10 33 (024) 347 (133) 652 (162) 939 (182) 1245 (190)

HoKA-PBC 21 24 51 (059) 383 (097) 694 (102) 987 (145) 1290 (143)

HoKA-PBCprime 20 19 50 (098) 372 063 688 (175) 984 (167) 1271 (123)






VII CONCLUSION


ACKNOWLEDGMENT


REFERENCES




13








































14




















15

Introduction

Our Contributions

Technical Overview

Related Work

Preliminaries




Syntax of PBC





Security Proof






Implementations


Conclusion

References












User

IdP

RP

(assertionπ

PK

)


nR(uid π

R )








10


















πPK = SPKprime


(middot)















) Finally it









11




A Implementations
















12








HoKA-ECDSA 07 10 33 (024) 347 (133) 652 (162) 939 (182) 1245 (190)

HoKA-PBC 21 24 51 (059) 383 (097) 694 (102) 987 (145) 1290 (143)

HoKA-PBCprime 20 19 50 (098) 372 063 688 (175) 984 (167) 1271 (123)






VII CONCLUSION


ACKNOWLEDGMENT


REFERENCES




13








































14




















15

Introduction

Our Contributions

Technical Overview

Related Work

Preliminaries




Syntax of PBC





Security Proof






Implementations


Conclusion

References


















πPK = SPKprime


(middot)















) Finally it









11




A Implementations
















12








HoKA-ECDSA 07 10 33 (024) 347 (133) 652 (162) 939 (182) 1245 (190)

HoKA-PBC 21 24 51 (059) 383 (097) 694 (102) 987 (145) 1290 (143)

HoKA-PBCprime 20 19 50 (098) 372 063 688 (175) 984 (167) 1271 (123)






VII CONCLUSION


ACKNOWLEDGMENT


REFERENCES




13








































14




















15

Introduction

Our Contributions

Technical Overview

Related Work

Preliminaries




Syntax of PBC





Security Proof






Implementations


Conclusion

References




A Implementations
















12








HoKA-ECDSA 07 10 33 (024) 347 (133) 652 (162) 939 (182) 1245 (190)

HoKA-PBC 21 24 51 (059) 383 (097) 694 (102) 987 (145) 1290 (143)

HoKA-PBCprime 20 19 50 (098) 372 063 688 (175) 984 (167) 1271 (123)






VII CONCLUSION


ACKNOWLEDGMENT


REFERENCES




13








































14




















15

Introduction

Our Contributions

Technical Overview

Related Work

Preliminaries




Syntax of PBC





Security Proof






Implementations


Conclusion

References








HoKA-ECDSA 07 10 33 (024) 347 (133) 652 (162) 939 (182) 1245 (190)

HoKA-PBC 21 24 51 (059) 383 (097) 694 (102) 987 (145) 1290 (143)

HoKA-PBCprime 20 19 50 (098) 372 063 688 (175) 984 (167) 1271 (123)






VII CONCLUSION


ACKNOWLEDGMENT


REFERENCES




13








































14




















15

Introduction

Our Contributions

Technical Overview

Related Work

Preliminaries




Syntax of PBC





Security Proof






Implementations


Conclusion

References








































14




















15

Introduction

Our Contributions

Technical Overview

Related Work

Preliminaries




Syntax of PBC





Security Proof






Implementations


Conclusion

References




















15

Introduction

Our Contributions

Technical Overview

Related Work

Preliminaries




Syntax of PBC





Security Proof






Implementations


Conclusion

References

strong authentication without tamper-resistant hardware ... · strong authentication without...

Documents