학술논문
A 3-Lock based Password Hashing Algorithm
Document Type
Conference
Author
Source
2022 IEEE Conference on Interdisciplinary Approaches in Technology and Management for Social Innovation (IATMSI) Interdisciplinary Approaches in Technology and Management for Social Innovation (IATMSI), 2022 IEEE Conference on. :1-6 Dec, 2022
Subject
Language
Abstract
Password has become a predominating method for user authentication to gain access to restricted services. Most people use human-memorable passwords that are likely words in dictionaries or certain combinations of these words, which are easy to crack. The biggest problem with passwords is its strength. We introduce a 3-lock based password hashing algorithm which minimizes the fraction of password that would be cracked by an offline attacker without increasing computing time for a legitimate authentication server. It strengthens the user's weak password, by improving the character set from which password is selected. 3-lock based password hashing algorithm uses 3 locks consisting of various printable ASCII characters and an integer provided by the user. This integer is never stored in server's database. Finally, we analyze 3-lock based password hashing algorithm using RockYou password dataset. Our analysis shows that the proposed algorithm can reduce (up to 25%) fraction of password cracked by an offline attacker.