Asynchronous Authentication

• URL: http://arxiv.org/abs/2312.13967v2
• Date: Tue, 25 Jun 2024 18:14:44 GMT
• Title: Asynchronous Authentication
• Authors: Marwa Mouallem, Ittay Eyal,
• Abstract summary: Digital asset heists and identity theft cases illustrate the urgent need to revisit the fundamentals of user authentication. We formalize the general, common case of asynchronous authentication, with unbounded message propagation time. Our model allows for eventual message delivery, while bounding execution time to maintain cryptographic guarantees.
• Score: 3.038642416291856
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: A myriad of authentication mechanisms embody a continuous evolution from verbal passwords in ancient times to contemporary multi-factor authentication. Nevertheless, digital asset heists and numerous identity theft cases illustrate the urgent need to revisit the fundamentals of user authentication. We abstract away credential details and formalize the general, common case of asynchronous authentication, with unbounded message propagation time. Our model, which might be of independent interest, allows for eventual message delivery, while bounding execution time to maintain cryptographic guarantees. Given credentials' fault probabilities (e.g., loss or leak), we seek mechanisms with the highest success probability. We show that every mechanism is dominated by some Boolean mechanism -- defined by a monotonic Boolean function on presented credentials. We present an algorithm for finding approximately optimal mechanisms. Previous work analyzed Boolean mechanisms specifically, but used brute force, which quickly becomes prohibitively complex. We leverage the problem structure to reduce complexity by orders of magnitude. The algorithm is readily applicable to practical settings. For example, we revisit the common approach in cryptocurrency wallets that use a handful of high-quality credentials. We show that adding low-quality credentials improves security by orders of magnitude.

Related papers

• Revocable Encryption, Programs, and More: The Case of Multi-Copy Security [48.53070281993869]
  We show the feasibility of revocable primitives, such as revocable encryption and revocable programs. This suggests that the stronger notion of multi-copy security is within reach in unclonable cryptography.
  arXiv  Detail & Related papers  (2024-10-17T02:37:40Z)
• The Latency Price of Threshold Cryptosystem in Blockchains [52.359230560289745]
  We study the interplay between threshold cryptography and a class of blockchains that use Byzantine-fault tolerant (BFT) consensus protocols. Existing approaches for threshold cryptosystems introduce a latency overhead of at least one message delay for running the threshold cryptographic protocol. We propose a mechanism to eliminate this overhead for blockchain-native threshold cryptosystems with tight thresholds.
  arXiv  Detail & Related papers  (2024-07-16T20:53:04Z)
• Biometrics-Based Authenticated Key Exchange with Multi-Factor Fuzzy Extractor [19.129363889273904]
  We propose a novel multi-factor fuzzy extractor that integrates both a user's secret (e.g., a password) and a user's biometrics. We then employ this multi-factor fuzzy extractor to construct personal identity credentials which can be used in a new multi-factor authenticated key exchange protocol.
  arXiv  Detail & Related papers  (2024-05-19T05:50:28Z)
• Parallel Decoding via Hidden Transfer for Lossless Large Language Model Acceleration [54.897493351694195]
  We propose a novel parallel decoding approach, namely textithidden transfer, which decodes multiple successive tokens simultaneously in a single forward pass. In terms of acceleration metrics, we outperform all the single-model acceleration techniques, including Medusa and Self-Speculative decoding.
  arXiv  Detail & Related papers  (2024-04-18T09:17:06Z)
• On Cryptographic Mechanisms for the Selective Disclosure of Verifiable Credentials [39.4080639822574]
  Verifiable credentials are a digital analogue of physical credentials. They can be presented to verifiers to reveal attributes or even predicates about the attributes included in the credential. One way to preserve privacy during presentation consists in selectively disclosing the attributes in a credential.
  arXiv  Detail & Related papers  (2024-01-16T08:22:28Z)
• Checking and Automating Confidentiality Theory in Isabelle/UTP [1.1849561189229347]
  We argue that confidentiality should be promoted as a normal part of program verification. We show how our mechanisation can be used to for-mally verify some of the examples from Bank's work.
  arXiv  Detail & Related papers  (2023-09-07T23:53:33Z)
• Revocable Cryptography from Learning with Errors [61.470151825577034]
  We build on the no-cloning principle of quantum mechanics and design cryptographic schemes with key-revocation capabilities. We consider schemes where secret keys are represented as quantum states with the guarantee that, once the secret key is successfully revoked from a user, they no longer have the ability to perform the same functionality as before.
  arXiv  Detail & Related papers  (2023-02-28T18:58:11Z)
• Cryptography with Certified Deletion [16.354530084834863]
  We propose a new, unifying framework that yields an array of cryptographic primitives with certified deletion. primitives enable a party in possession of a quantum ciphertext to generate a classical certificate that the encrypted plaintext has been information-theoretically deleted.
  arXiv  Detail & Related papers  (2022-07-05T00:48:06Z)
• Quantum Proofs of Deletion for Learning with Errors [91.3755431537592]
  We construct the first fully homomorphic encryption scheme with certified deletion. Our main technical ingredient is an interactive protocol by which a quantum prover can convince a classical verifier that a sample from the Learning with Errors distribution in the form of a quantum state was deleted.
  arXiv  Detail & Related papers  (2022-03-03T10:07:32Z)
• Quantum multi-factor authentication [0.30458514384586394]
  We present a quantum multi-factor authentication mechanism based on the hidden-matching quantum communication complexity problem. It offers step-up graded authentication for users via a quantum token.
  arXiv  Detail & Related papers  (2021-10-11T15:12:39Z)
• Sample-efficient device-independent quantum state verification and certification [68.8204255655161]
  Authentication of quantum sources is a crucial task in building reliable and efficient protocols for quantum-information processing. We develop a systematic approach to device-independent verification of quantum states free of IID assumptions in the finite copy regime. We show that device-independent verification can be performed with optimal sample efficiency.
  arXiv  Detail & Related papers  (2021-05-12T17:48:04Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.