Distributed cipher chaining for increased security in password storage
Linköping University, Department of Electrical Engineering, Computer Engineering. Linköping University, The Institute of Technology.
Linköping University, Department of Electrical Engineering, Computer Engineering. Linköping University, The Institute of Technology.
2014 (English). Independent thesis, Advanced level (degree of Master (Two Years)), 20 credits / 30 HE credits. Student thesis.
Abstract [en]

As more services move on to the web and more people use the cloud for storage of important information, it is important that providers of such services can guarantee that information is kept safe. The most common way of protecting that data is to make it impossible to access without being authenticated as the user owning the data. The most common way for a user to authenticate, and thereby become authorized to access the data or service, is by making use of a password. The one trying to safeguard that password must make sure that it is not easy to come by for someone trying to attack the system. The most common way to store a password is by first running that password through a one-way function, known as a hash function, that obfuscates it into something that does not at all look related to the password itself. Whenever a user tries to authenticate, they type in their password, it goes through the same function, and the results are compared. While this model makes sure that the password is not stored in plain text, it contains no way of taking action in case the database of hashed passwords is leaked. Knowing that it is nearly impossible to be fully protected from malevolent users, the ones trying to safeguard information always need to try to make sure that it is difficult to extract information about users' passwords. Since the 70s, password storage has to a large extent looked the same. What is researched and implemented in this thesis is a different way of handling passwords, where the main focus is on making sure there are countermeasures in case the database leaks. The model described and implemented consists of software that makes use of the current best practices, with the addition of encrypting the passwords with a symmetric cipher. This is all done in a distributed way to move towards a paradigm where a service provider does not need to rely on one point of security.
The end result of this work is a working proof-of-concept software that runs in a distributed manner to derive users' passwords to an obfuscated form. The system is at least as secure as best current practice for storing users' passwords but introduces the notion of countermeasures once information has found its way into an adversary's hands.

Place, publisher, year, edition, pages
2014. 42 p.
Keyword [en]
Cryptography, Password storage, AES, KDF, Scrypt
National Category
Computer Systems
URN: urn:nbn:se:liu:diva-107484
ISRN: LiTH-ISY-EX--14/4764--SE
OAI: diva2:724532
External cooperation
Subject / course
Computer Vision Laboratory
2014-06-05, Systemet, Linköping University, Linköping, 10:00 (Swedish)
Available from: 2014-07-04. Created: 2014-06-12. Last updated: 2014-07-04. Bibliographically approved.

Open Access in DiVA

distributed-cipher-chaining (442 kB), 556 downloads
File information
File name: FULLTEXT01.pdf
File size: 442 kB
Checksum: SHA-512
Type: fulltext
Mimetype: application/pdf
