Header menu link for other important links
Cryptographic module based approach for password hashing schemes
D. Chang, A. Jati, S. Mishra,
Published in Springer Verlag
Volume: 9393 LNCS
Pages: 39 - 57
Password Hashing is the technique of performing one-way transformation of the password. One of the requirements of password hashing algorithms is to be memory demanding to provide defense against hardware attacks. In practice, most Cryptographic designs are implemented inside a Cryptographic module, as suggested by NIST in a set of standards (FIPS 140). A cryptographic module has a limited memory and this makes it challenging to implement a password hashing scheme (PHS) inside it. In this work, we propose a novel approach to allow a limited memory cryptographic module to be used in the implementation of a high memory password hashing algorithm. We also analyze all the first round entries of the Password Hashing Competition (PHC) to evaluate the suitability of the submitted algorithms to be implemented with a Cryptographic module. We graphically show that the submissions to the PHC can be securely implemented in a crypto-module following our suggestion. To the best of our knowledge, this is the first attempt in the direction of secure implementation of password hashing algorithms. © Springer International Publishing Switzerland 2015.