21,712 research outputs found
One Password: An Encryption Scheme for Hiding Users' Register Information
In recent years, the attack which leverages register information (e.g.
accounts and passwords) leaked from 3rd party applications to try other
applications is popular and serious. We call this attack "database collision".
Traditionally, people have to keep dozens of accounts and passwords for
different applications to prevent this attack. In this paper, we propose a
novel encryption scheme for hiding users' register information and preventing
this attack. Specifically, we first hash the register information using
existing safe hash function. Then the hash string is hidden, instead a
coefficient vector is stored for verification. Coefficient vectors of the same
register information are generated randomly for different applications. Hence,
the original information is hardly cracked by dictionary based attack or
database collision in practice. Using our encryption scheme, each user only
needs to keep one password for dozens of applications
- …