One Password: An Encryption Scheme for Hiding Users' Register Information

In recent years, the attack which leverages register information (e.g. accounts and passwords) leaked from 3rd party applications to try other applications is popular and serious. We call this attack "database collision". Traditionally, people have to keep dozens of accounts and passwords for different applications to prevent this attack. In this paper, we propose a novel encryption scheme for hiding users' register information and preventing this attack. Specifically, we first hash the register information using existing safe hash function. Then the hash string is hidden, instead a coefficient vector is stored for verification. Coefficient vectors of the same register information are generated randomly for different applications. Hence, the original information is hardly cracked by dictionary based attack or database collision in practice. Using our encryption scheme, each user only needs to keep one password for dozens of applications

Ubic: Bridging the gap between digital cryptography and the physical world

Advances in computing technology increasingly blur the boundary between the digital domain and the physical world. Although the research community has developed a large number of cryptographic primitives and has demonstrated their usability in all-digital communication, many of them have not yet made their way into the real world due to usability aspects. We aim to make another step towards a tighter integration of digital cryptography into real world interactions. We describe Ubic, a framework that allows users to bridge the gap between digital cryptography and the physical world. Ubic relies on head-mounted displays, like Google Glass, resource-friendly computer vision techniques as well as mathematically sound cryptographic primitives to provide users with better security and privacy guarantees. The framework covers key cryptographic primitives, such as secure identification, document verification using a novel secure physical document format, as well as content hiding. To make a contribution of practical value, we focused on making Ubic as simple, easily deployable, and user friendly as possible.Comment: In ESORICS 2014, volume 8712 of Lecture Notes in Computer Science, pp. 56-75, Wroclaw, Poland, September 7-11, 2014. Springer, Berlin, German