Safely Turn Authentication Credentials Into Entropy (STACIE)
draft-ladar-stacie-00
| Document | Type |
This is an older version of an Internet-Draft whose latest revision state is "Expired".
Expired & archived
|
|
|---|---|---|---|
| Author | Ladar Levison | ||
| Last updated | 2015-11-23 (Latest revision 2015-05-22) | ||
| RFC stream | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document specifies a method for Safely Turning Authentication Credentials Into Entropy (STACIE) using an efficient Zero Knowledge Password Proof (ZKPP), and is provided as a standalone component suitable for use as a building block in other protocol development efforts. The scheme was created to fill the emerging need for a standard which allows a single low entropy password to be used for user authentication and the derivation of strong encryption keys. The design is modular, and is conservative in its use of an arbitrary one-way cryptographic hash function. The security of the scheme depends on the difficulty associated with reversing the hash function output back into the plaintext input. STACIE attempts to make discovering the plaintext input through the use of brute force more difficult by linking the amount of processing to the length of a user's plaintext password. The shorter the plaintext password the more processing time per attempt with the amount of additional, artificially required, work scaling exponentially for each character.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)