|
|
Journal of Zhejiang University SCIENCE A
ISSN 1673-565X(Print), 1862-1775(Online), Monthly
2007 Vol.8 No.8 P.1183-1190
Multiple hashes of single key with passcode for multiple accounts
Abstract: A human’s e-life needs multiple offline and online accounts. It is a balance between usability and security to set keys or passwords for these multiple accounts. Password reuse has to be avoided due to the domino effect of malicious administrators and crackers. However, human memorability constrains the number of keys. Single sign-on server, key hashing, key strengthening and petname system are used in the prior arts to use only one key for multiple online accounts. The unique site keys are derived from the common master secret and specific domain name. These methods cannot be applied to offline accounts such as file encryption. We invent a new method and system applicable to offline and online accounts. It does not depend on HTTP server and domain name, but numeric 4-digit passcode, key hashing, key strengthening and hash truncation. Domain name is only needed to resist spoofing and phishing attacks of online accounts.
Key words: Key management, Memorability, Key hashing, Key strengthening, Multiple accounts, Information security
References:
Open peer comments: Debate/Discuss/Question/Opinion
<1>
invest@No address<hotmann@mail.com>
2014-03-12 15:05:37
A series of true different colours is programmed in the display and the transmission quick through spots
kartosin@No address<roag94@mail.com>
2014-03-10 12:30:19
However caution is ideal necessary when choosing true model great flexibility
mypiko@No address<coconof@mail.com>
2014-01-30 02:06:32
The physician studies the pattern on the paper to see if the heart rhythm is normal
ourgreen@No address<rostont@mail.com>
2014-01-26 01:29:48
The oranges inside recalled absolutely a landscape
DOI:
10.1631/jzus.2007.A1183
CLC number:
TN918; TP309
Download Full Text:
Downloaded:
3531
Clicked:
5579
Cited:
2
On-line Access:
Received:
2007-03-11
Revision Accepted:
2007-05-09
Crosschecked: