TITLE:
Passwords Management via Split-Key
AUTHORS:
Kenneth Giuliani, V. Kumar Murty, Guangwu Xu
KEYWORDS:
Password Encryption, Password Storage, Identity Management, Secret Sharing
JOURNAL NAME:
Journal of Information Security,
Vol.7 No.3,
April
22,
2016
ABSTRACT: This paper proposes a scheme for password management by storing password
encryptions on a server. The method involves having the encryption key split
into a share for the user and one for the server. The user’s share shall be
based solely on a selected passphrase. The server’s share shall be generated
from the user’s share and the encryption key. The security and trust are
achieved by performing both encryption and decryption on the client side. We
also address the issue of countering dictionary attack by providing a further
enhancement of the scheme.