Title
An Oblivious Password Cracking Server
Authors
Aureliano Calvo, Ariel Futoransky, Carlos Sarraute
In
41th JAIIO
Date published
2012-08-31
Keywords
hellman_tables, rainbow_tables, private_information_retrieval, password_cracking_tables, cryptography, hashes, hashing_function, privacy

Abstract

Building a password cracking server that preserves the privacy of the queries made to the server is a problem that has not yet been solved. Such a server could acquire practical relevance in the future: for instance, the tables used to crack the passwords could be calculated, stored and hosted in cloud-computing services, and could be queried from devices with limited computing power.

In this paper we present a method to preserve the con dentiality of a password cracker|wherein the tables used to crack the passwords are stored by a third party|by combining Hellman tables and Private Information Retrieval (PIR) protocols. We provide the technical details of this method, analyze its complexity, and show the experimental results obtained with our implementation.

Attachments

code.zip - Prototype source code