[Cfrg] New draft: Hashed Password Exchange

Steven Bellovin <smb@cs.columbia.edu> Wed, 04 January 2012 21:41 UTC

Return-Path: <smb@cs.columbia.edu>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id CAE8F1F0C3C; Wed, 4 Jan 2012 13:41:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id jFAmWLdU3icB; Wed, 4 Jan 2012 13:41:59 -0800 (PST)
Received: from tarap.cc.columbia.edu (tarap.cc.columbia.edu []) by ietfa.amsl.com (Postfix) with ESMTP id 17D261F0C3B; Wed, 4 Jan 2012 13:41:59 -0800 (PST)
Received: from [] (74-92-112-54-Philadelphia.hfc.comcastbusiness.net []) (user=smb2132 mech=PLAIN bits=0) by tarap.cc.columbia.edu (8.14.4/8.14.3) with ESMTP id q04Lfuvi028926 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Wed, 4 Jan 2012 16:41:56 -0500 (EST)
From: Steven Bellovin <smb@cs.columbia.edu>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Date: Wed, 4 Jan 2012 16:41:55 -0500
Message-Id: <583849CD-D0AD-4792-8894-04598898BA0F@cs.columbia.edu>
To: cfrg@irtf.org, saag@ietf.org
Mime-Version: 1.0 (Apple Message framework v1251.1)
X-Mailer: Apple Mail (2.1251.1)
X-No-Spam-Score: Local
X-Scanned-By: MIMEDefang 2.68 on
Subject: [Cfrg] New draft: Hashed Password Exchange
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Jan 2012 21:41:59 -0000

I'd appreciate comments on my new draft, draft-bellovin-hpw-00.txt:


   Many systems (e.g., cryptographic protocols relying on symmetric
   cryptography) require that plaintext passwords be stored.  Given how
   often people reuse passwords on different systems, this poses a very
   serious risk if a single machine is compromised.  We propose a scheme
   to derive passwords limited to a single machine from a typed
   password, and explain how a protocol definition can specify this

		--Steve Bellovin, https://www.cs.columbia.edu/~smb