{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T21:35:18Z","timestamp":1743111318401,"version":"3.40.3"},"publisher-location":"Cham","reference-count":28,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030401856"},{"type":"electronic","value":"9783030401863"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-40186-3_11","type":"book-chapter","created":{"date-parts":[[2020,2,14]],"date-time":"2020-02-14T00:03:52Z","timestamp":1581638632000},"page":"225-253","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["TMPS: Ticket-Mediated Password Strengthening"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3427-1744","authenticated-orcid":false,"given":"John","family":"Kelsey","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6797-641X","authenticated-orcid":false,"given":"Dana","family":"Dachman-Soled","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1240-5841","authenticated-orcid":false,"given":"Sweta","family":"Mishra","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1950-7130","authenticated-orcid":false,"given":"Meltem S\u00f6nmez","family":"Turan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,2,14]]},"reference":[{"key":"11_CR1","doi-asserted-by":"crossref","unstructured":"Agrawal, S., Miao, P., Mohassel, P., Mukherjee, P.: PASTA: password-based threshold authentication. In: ACM Conference on Computer and Communications Security, pp. 2042\u20132059. ACM (2018)","DOI":"10.1145\/3243734.3243839"},{"key":"11_CR2","unstructured":"Akhawe, D.: How dropbox securely stores your passwords (2016). https:\/\/blogs.dropbox.com\/tech\/2016\/09\/how-dropbox-securely-stores-your-passwords\/. Accessed 4 January 2019"},{"key":"11_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"614","DOI":"10.1007\/3-540-39200-9_38","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2003","author":"M Bellare","year":"2003","unstructured":"Bellare, M., Micciancio, D., Warinschi, B.: Foundations of group signatures: formal definitions, simplified requirements, and a construction based on general assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 614\u2013629. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-39200-9_38"},{"key":"11_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1007\/3-540-45539-6_11","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2000","author":"M Bellare","year":"2000","unstructured":"Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139\u2013155. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-45539-6_11. http:\/\/dl.acm.org\/citation.cfm?id=1756169.1756185"},{"key":"11_CR5","doi-asserted-by":"crossref","unstructured":"Bellovin, S.M., Merritt, M.: Encrypted key exchange: password-based protocols secure against dictionary attacks. In: IEEE Symposium on Research in Security and Privacy, pp. 72\u201384 (1992)","DOI":"10.1145\/168588.168618"},{"key":"11_CR6","doi-asserted-by":"publisher","unstructured":"Biryukov, A., Dinu, D., Khovratovich, D.: Argon2: New generation of memory-hard functions for password hashing and other applications. In: IEEE European Symposium on Security and Privacy, EuroS&P 2016, Saarbr\u00fccken, Germany, 21\u201324 March 2016, pp. 292\u2013302. IEEE (2016). https:\/\/doi.org\/10.1109\/EuroSP.2016.31, http:\/\/dx.doi.org\/10.1109\/EuroSP.2016.31","DOI":"10.1109\/EuroSP.2016.31"},{"key":"11_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"280","DOI":"10.1007\/978-3-319-78381-9_11","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"J Camenisch","year":"2018","unstructured":"Camenisch, J., Drijvers, M., Gagliardoni, T., Lehmann, A., Neven, G.: The wonderful world of global random oracles. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10820, pp. 280\u2013312. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78381-9_11"},{"key":"11_CR8","doi-asserted-by":"crossref","unstructured":"Camenisch, J., Enderlein, R.R., Neven, G.: Two-server password-authenticated secret sharing UC-secure against transient corruptions. Cryptology ePrint Archive, Report 2015\/006 (2015). http:\/\/eprint.iacr.org\/2015\/006","DOI":"10.1007\/978-3-662-46447-2_13"},{"issue":"1","key":"11_CR9","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1007\/s001459910006","volume":"13","author":"R Canetti","year":"2000","unstructured":"Canetti, R.: Security and composition of multiparty cryptographic protocols. J. Cryptology 13(1), 143\u2013202 (2000). https:\/\/doi.org\/10.1007\/s001459910006","journal-title":"J. Cryptology"},{"key":"11_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"262","DOI":"10.1007\/3-540-44987-6_17","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2001","author":"R Canetti","year":"2001","unstructured":"Canetti, R., Damg\u00e5rd, I., Dziembowski, S., Ishai, Y., Malkin, T.: On adaptive vs. non-adaptive security of multiparty protocols. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 262\u2013279. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-44987-6_17"},{"key":"11_CR11","doi-asserted-by":"publisher","unstructured":"Canetti, R., Feige, U., Goldreich, O., Naor, M.: Adaptively secure multi-party computation. In: 28th ACM STOC, pp. 639\u2013648. ACM Press, May 1996. https:\/\/doi.org\/10.1145\/237814.238015","DOI":"10.1145\/237814.238015"},{"key":"11_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"348","DOI":"10.1007\/978-3-642-32009-5_21","volume-title":"Advances in Cryptology \u2013 CRYPTO 2012","author":"Y Dodis","year":"2012","unstructured":"Dodis, Y., Ristenpart, T., Steinberger, J., Tessaro, S.: To hash or not to hash again? (In)Differentiability results for H2 and HMAC. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 348\u2013366. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-32009-5_21"},{"key":"11_CR13","unstructured":"Everspaugh, A., Chaterjee, R., Scott, S., Juels, A., Ristenpart, T.: The pythia PRF service. In: 24th USENIX Security Symposium (USENIX Security 15), pp. 547\u2013562. USENIX Association, Washington, D.C. (2015). https:\/\/www.usenix.org\/conference\/usenixsecurity15\/technical-sessions\/presentation\/everspaugh"},{"key":"11_CR14","doi-asserted-by":"crossref","unstructured":"Hohenberger, S., Lewko, A., Waters, B.: Detecting dangerous queries: a new approach for chosen ciphertext security. Cryptology ePrint Archive, Report 2012\/006 (2012). http:\/\/eprint.iacr.org\/2012\/006","DOI":"10.1007\/978-3-642-29011-4_39"},{"key":"11_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1007\/978-3-319-61204-1_3","volume-title":"Applied Cryptography and Network Security","author":"S Jarecki","year":"2017","unstructured":"Jarecki, S., Kiayias, A., Krawczyk, H., Xu, J.: TOPPSS: cost-minimal password-protected secret sharing based on threshold OPRF. In: Gollmann, D., Miyaji, A., Kikuchi, H. (eds.) ACNS 2017. LNCS, vol. 10355, pp. 39\u201358. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-61204-1_3"},{"key":"11_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"456","DOI":"10.1007\/978-3-319-78372-7_15","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"S Jarecki","year":"2018","unstructured":"Jarecki, S., Krawczyk, H., Xu, J.: OPAQUE: an asymmetric PAKE protocol secure against pre-computation attacks. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10822, pp. 456\u2013486. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78372-7_15"},{"key":"11_CR17","doi-asserted-by":"crossref","DOI":"10.1201\/b17668","volume-title":"Introduction to Modern Cryptography","author":"J Katz","year":"2014","unstructured":"Katz, J., Lindell, Y.: Introduction to Modern Cryptography, 2nd edn. CRC Press, Boca Raton (2014)","edition":"2"},{"key":"11_CR18","unstructured":"Kelsey, J., Dachman-Soled, D., Mishra, S., Turan, M.S.: TMPS: ticket-mediated password strengthening. IACR Cryptology ePrint Archive 2019, 543 (2019). https:\/\/eprint.iacr.org\/2019\/543"},{"key":"11_CR19","unstructured":"Lai, R.W.F., Egger, C., Reinert, M., Chow, S.S.M., Maffei, M., Schr\u00f6der, D.: Simple password-hardened encryption services. In: 27th USENIX Security Symposium (USENIX Security 18), pp. 1405\u20131421. USENIX Association, Baltimore, MD (2018). https:\/\/www.usenix.org\/conference\/usenixsecurity18\/presentation\/lai"},{"key":"11_CR20","unstructured":"Lai, R.W.F., Egger, C., Schr\u00f6der, D., Chow, S.S.M.: Phoenix: rebirth of a cryptographic password-hardening service. In: 26th USENIX Security Symposium (USENIX Security 17), pp. 899\u2013916. USENIX Association, Vancouver, BC (2017). https:\/\/www.usenix.org\/conference\/usenixsecurity17\/technical-sessions\/presentation\/lai"},{"key":"11_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"117","DOI":"10.1007\/978-3-642-00862-7_8","volume-title":"Topics in Cryptology \u2013 CT-RSA 2009","author":"AY Lindell","year":"2009","unstructured":"Lindell, A.Y.: Adaptively secure two-party computation with erasures. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 117\u2013132. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-00862-7_8"},{"key":"11_CR22","unstructured":"Mani, A.: Life of a password. In: Real World Crypto 2015 (2015). https:\/\/rwc.iacr.org\/2015\/Slides\/RWC-2015-Amani.pdf"},{"key":"11_CR23","unstructured":"Muffett, A.: Facebook: password hashing & authentication. Presentation at Passwords 2014 Conference, NTNU (2014). https:\/\/video.adm.ntnu.no\/pres\/54b660049af94"},{"key":"11_CR24","unstructured":"Muffett, A.: Life of a password. Presentation at Real World Crypto 2015 (2015)"},{"key":"11_CR25","doi-asserted-by":"crossref","unstructured":"Schneider, J., Fleischhacker, N., Schr\u00f6der, D., Backes, M.: Efficient cryptographic password hardening services from partially oblivious commitments. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, 24\u201328 October 2016, pp. 1192\u20131203. ACM (2016). http:\/\/dl.acm.org\/citation.cfm?id=2976749","DOI":"10.1145\/2976749.2978375"},{"key":"11_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"662","DOI":"10.1007\/978-3-642-30057-8_39","volume-title":"Public Key Cryptography \u2013 PKC 2012","author":"D Schr\u00f6der","year":"2012","unstructured":"Schr\u00f6der, D., Unruh, D.: Security of blind signatures revisited. In: Fischlin, M., Buchmann, J., Manulis, M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 662\u2013679. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-30057-8_39"},{"key":"11_CR27","doi-asserted-by":"crossref","unstructured":"S\u00f6nmez Turan, M., Barker, E.B., Burr, W.E., Chen, L.: SP 800\u2013132. recommendation for password-based key derivation: Part 1: Storage applications. Technical report, National Institute of Standards & Technology, Gaithersburg, MD, United States (2010)","DOI":"10.6028\/NIST.SP.800-132"},{"key":"11_CR28","doi-asserted-by":"crossref","unstructured":"Wu, T.: The SRP authentication and key exchange system. RFC 2945, pp. 1\u20138 (2000). https:\/\/doi.org\/10.17487\/RFC2945","DOI":"10.17487\/rfc2945"}],"container-title":["Lecture Notes in Computer Science","Topics in Cryptology \u2013 CT-RSA 2020"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-40186-3_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,12]],"date-time":"2024-03-12T18:45:34Z","timestamp":1710269134000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-40186-3_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030401856","9783030401863"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-40186-3_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"14 February 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CT-RSA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Cryptographers\u2019 Track at the RSA Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"San Francisco, CA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 February 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 February 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ctrsa2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"secure.iacr.org\/websubrev","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"95","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"28","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"29% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,25","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"9","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}