Computer Science ›› 2020, Vol. 47 ›› Issue (11): 42-47. doi: 10.11896/jsjkx.200500144

Special topic: Intelligent Mobile Identity Authentication


Impact of Zipf's Law on Password-related Security Protocols

DONG Qi-ying, SHAN Xuan, JIA Chun-fu

  1. College of Cyber Science, Nankai University, Tianjin 300350, China
    Tianjin Key Laboratory of Network and Data Security Technology, Tianjin 300350, China
  • Received: 2020-05-28 Revised: 2020-08-07 Online: 2020-11-15 Published: 2020-11-05
  • Corresponding author: JIA Chun-fu (cfjia@nankai.edu.cn)
  • Author e-mail: dqy@mail.nankai.edu.cn
  • About author: DONG Qi-ying, born in 1996, Ph.D, is a member of China Computer Federation. Her main research interests include password security, identity authentication and deep learning.
    JIA Chun-fu, born in 1967, Ph.D, professor, Ph.D supervisor, is a member of China Computer Federation. His main research interests include network and information security, trusted computing and software security, malicious code analysis and cryptography applications.
  • Supported by:
    This work was supported by the National Natural Science Foundation of China (61972215).

Abstract: Identity authentication is the first line of defense for the security of networks and information systems, and passwords are the most common method of identity authentication. Existing research usually assumes that user-constructed passwords follow a uniform distribution. However, recent studies have found that passwords follow Zipf's law, which means that most password-related security protocols underestimate the attacker's advantage and thus fail to achieve their claimed security. To address this problem, the Password-Based Signatures (PBS) protocol proposed by Gjøsteen et al. and the Password-Protected Secret Sharing (PPSS) protocol proposed by Jarecki et al. are taken as typical representatives. Starting from the basic assumption that passwords follow Zipf's law, the security proofs of these two protocols are shown to be flawed, and their security is redefined. Improvements to both protocols are then given. For the PBS protocol, the attacker's advantage is recalculated; by limiting the number of guesses available to an attacker and entrusting a trusted third party with keeping the key, the improved PBS protocol resists both a malicious attacker impersonating a legitimate user and a malicious server guessing a user's password and forging the signature. For the PPSS protocol, a Honey_List based on the honeywords idea is set up on the server side to detect and prevent online password guessing attacks.

Key words: Honeywords, Password-related security protocols, Security proof, Trusted third party, Zipf's law
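The abstract's central claim, that a proof assuming uniform passwords underestimates the attacker's advantage and that a guess limit has to be sized against the Zipf distribution instead, can be made concrete with the following added example (not code from the paper). It assumes a plain rank-frequency Zipf law with probability proportional to r^(-s); the dictionary size `N` and exponent `S` are constructed values, not the paper's fitted parameters.

```python
from bisect import bisect_right
from itertools import accumulate

def zipf_cdf(n_passwords, s):
    """cdf[q-1] = probability mass of the q most popular passwords when
    the password of popularity rank r has probability proportional to r**-s."""
    cumulative = list(accumulate(r ** -s for r in range(1, n_passwords + 1)))
    return [c / cumulative[-1] for c in cumulative]

def uniform_advantage(q, n_passwords):
    """Success probability of q online guesses if passwords were uniform."""
    return min(max(q, 0), n_passwords) / n_passwords

def zipf_advantage(q, cdf):
    """Success probability of q guesses made in decreasing popularity order."""
    return cdf[min(q, len(cdf)) - 1] if q > 0 else 0.0

def max_guess_limit(cdf, target):
    """Largest guess limit q whose Zipf advantage stays <= target
    (0 means even a single guess already exceeds the target)."""
    return bisect_right(cdf, target)

def underestimation(q, n_passwords, cdf):
    """How many times larger the Zipf advantage is than the uniform one (q >= 1)."""
    return zipf_advantage(q, cdf) / uniform_advantage(q, n_passwords)

if __name__ == "__main__":
    N, S = 100_000, 0.9          # constructed parameters, not from the paper
    cdf = zipf_cdf(N, S)
    for q in (1, 10, 100, 1000):
        print(f"Q={q:5d} uniform={uniform_advantage(q, N):.5f} "
              f"zipf={zipf_advantage(q, cdf):.5f} "
              f"x{underestimation(q, N, cdf):.0f}")
    # Guess limit a server may grant to keep the advantage under 5 %.
    print("limit for 5% under Zipf:", max_guess_limit(cdf, 0.05))
    print("limit for 5% under the uniform assumption:", int(0.05 * N))
```

A guess limit derived from the uniform assumption is far too generous once the skew is accounted for, which is why the improved PBS protocol bounds the number of guesses against the recalculated advantage.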

CLC number:

  • TP309
[1] BONNEAU J,HERLEY C,VAN OORSCHOT P C,et al.The quest to replace passwords:A framework for comparative evaluation of web authentication schemes [C]//2012 IEEE Symposium on Security and Privacy.IEEE,2012:553-567.
[2] GJØSTEEN K,THUEN Ø.Password-based signatures [C]//European Public Key Infrastructure Workshop.Springer,2011:17-33.
[3] JARECKI S,KIAYIAS A,KRAWCZYK H,et al.Highly-efficient and composable password-protected secret sharing (or:how to protect your bitcoin wallet online) [C]//2016 IEEE European Symposium on Security and Privacy (EuroS&P).2016:276-291.
[4] CASTELLUCCIA C,DÜRMUTH M,PERITO D.Adaptive Password-Strength Meters from Markov Models [C]//NDSS.2012.
[5] SCHECHTER S,HERLEY C,MITZENMACHER M.Popularity is everything:A new approach to protecting passwords from statistical-guessing attacks [C]//Proceedings of the 5th USENIX Conference on Hot Topics in Security.USENIX Association,2010:1-8.
[6] NEWMAN M E J.Power laws,Pareto distributions and Zipf's law [J].Contemporary Physics,2005,46(5):323-351.
[7] WANG D,CHENG H,WANG P,et al.Zipf's law in passwords[J].IEEE Transactions on Information Forensics and Security,2017,12(11):2776-2791.
[8] KATZ J,OSTROVSKY R,YUNG M.Efficient and secure authenticated key exchange using weak passwords [J].Journal of the ACM(JACM),2009,57(1):1-39.
[9] BAGHERZANDI A,JARECKI S,SAXENA N,et al.Password-protected secret sharing [C]//Proceedings of the 18th ACM conference on Computer and Communications Security,2011:433-444.
[10] JARECKI S,KIAYIAS A,KRAWCZYK H.Round-optimal password-protected secret sharing and T-PAKE in the password-only model [C]//International Conference on the Theory and Application of Cryptology and Information Security.Springer,2014:233-253.
[11] WANG D,WANG P.On the implications of Zipf's law in passwords[C]//European Symposium On Research in Computer Security.Springer,2016:111-131.
[12] WANG D,WANG P.Two birds with one stone:Two-factor authentication with security beyond conventional bound [J].IEEE Transactions on Dependable and Secure Computing,2016,15(4):708-722.
[13] JUELS A,RIVEST R L.Honeywords:Making password-cracking detectable [C]//Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security.2013:145-160.
[14] SHAMIR A.How to share a secret [J].Communications of the ACM,1979,22(11):612-613.