Zero-Knowledge Password Policy Checks and Verifier-Based PAKE

  • Franziskus Kiefer
  • Mark Manulis
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8713)


Zero-Knowledge Password Policy Checks (ZKPPC), introduced in this work, enable blind registration of client passwords at remote servers, i.e., client passwords are never transmitted to the servers. This eliminates the need for trusting servers to securely process and store client passwords. A ZKPPC protocol, executed as part of the registration procedure, allows clients to further prove compliance of chosen passwords with respect to password policies defined by the servers.

The main benefit of ZKPPC-based password registration is that it guarantees that registered passwords never appear in clear on the server side. At the end of the registration phase the server only receives and stores some verification information that can later be used for authentication in a suitable Verifier-based Password Authenticated Key Exchange (VPAKE) protocol.

We give general and concrete constructions of ZKPPC protocols and suitable VPAKE protocols for ASCII-based passwords and policies that are commonly used on the web. To this end we introduce a reversible mapping of ASCII characters to integers that can be used to preserve the structure of the password string and a new randomized password hashing scheme for ASCII-based passwords.
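An added illustration of the reversible ASCII-to-integer mapping mentioned above (not code from the paper or its authors). It assumes a base-95 positional encoding over printable ASCII and evaluates a length and character-class policy on the integer form in the clear; the zero-knowledge proof itself is not implemented, and all function names are hypothetical.

```python
# Added illustration: base-95 positional encoding of printable ASCII.
# The encoding itself is an assumption, not quoted from this page.
BASE = 95      # printable ASCII: 0x20 (space) .. 0x7E (~)
OFFSET = 0x20


def chr_to_int(c: str) -> int:
    """Map one printable ASCII character to a digit in [0, 94]."""
    code = ord(c)
    if not OFFSET <= code < OFFSET + BASE:
        raise ValueError(f"not printable ASCII: {c!r}")
    return code - OFFSET


def pwd_to_int(pw: str) -> int:
    """Encode the password as sum(digit_i * 95**i); position i stays recoverable."""
    return sum(chr_to_int(c) * BASE**i for i, c in enumerate(pw))


def digits(value: int, length: int) -> list[int]:
    """Recover the per-position digits. The length is needed because a
    trailing space encodes as digit 0 and would otherwise be lost."""
    out = []
    for _ in range(length):
        value, d = divmod(value, BASE)
        out.append(d)
    if value:
        raise ValueError("value does not fit in the given length")
    return out


def int_to_pwd(value: int, length: int) -> str:
    """Invert pwd_to_int for a password of known length."""
    return "".join(chr(d + OFFSET) for d in digits(value, length))


def char_class(d: int) -> str:
    """Character class decided from the digit alone (ASCII ranges shifted by 32)."""
    if 16 <= d <= 25:
        return "digit"
    if 33 <= d <= 58:
        return "upper"
    if 65 <= d <= 90:
        return "lower"
    return "symbol"


def satisfies_policy(value: int, length: int, min_length: int, required: set[str]) -> bool:
    """Check a length/character-class policy on the integer form only."""
    if length < min_length:
        return False
    return required <= {char_class(d) for d in digits(value, length)}
```

Because each character occupies its own base-95 digit, a statement such as "position i holds an uppercase letter" becomes a range statement about one digit, which is the structural property the abstract refers to.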


Keywords: Password policies, password registration, authentication, verification, password hashing, ASCII passwords, verifier-based PAKE



Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Franziskus Kiefer (1)
  • Mark Manulis (1)

  1. Surrey Centre for Cyber Security, Department of Computing, University of Surrey, UK
