{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,6]],"date-time":"2026-02-06T04:36:11Z","timestamp":1770352571576,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":51,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,11,12]],"date-time":"2021-11-12T00:00:00Z","timestamp":1636675200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"ANR Cyberschool","award":["ANR-18-EURE-0004"],"award-info":[{"award-number":["ANR-18-EURE-0004"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,11,12]]},"DOI":"10.1145\/3460120.3484563","type":"proceedings-article","created":{"date-parts":[[2021,11,13]],"date-time":"2021-11-13T12:05:34Z","timestamp":1636805134000},"page":"2497-2512","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":7,"title":["PARASITE: PAssword Recovery Attack against Srp Implementations in ThE wild"],"prefix":"10.1145","author":[{"given":"Daniel","family":"De Almeida Braga","sequence":"first","affiliation":[{"name":"Univ Rennes, CNRS, IRISA, Rennes, France"}]},{"given":"Pierre-Alain","family":"Fouque","sequence":"additional","affiliation":[{"name":"Univ Rennes, CNRS, IRISA, Rennes, France"}]},{"given":"Mohamed","family":"Sabt","sequence":"additional","affiliation":[{"name":"Univ Rennes, CNRS, IRISA, Rennes, France"}]}],"member":"320","published-online":{"date-parts":[[2021,11,13]]},"reference":[{"key":"e_1_3_2_2_1_1","unstructured":"Proton Technologies A.G. 2016. ProtonMail Security Features and Infrastructure. 
https:\/\/protonmail.com\/blog\/wp-content\/uploads\/2016\/12\/ProtonMail_Authentication_excerpt.pdf"},{"key":"e_1_3_2_2_2_1","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2019.i4.213-242"},{"key":"e_1_3_2_2_3_1","volume-title":"Katrina E. Falkner, Joop van de Pol, and Yuval Yarom.","author":"Allan Thomas","year":"2016","unstructured":"Thomas Allan, Billy Bob Brumley, Katrina E. Falkner, Joop van de Pol, and Yuval Yarom. 2016. Amplifying side channels through performance degradation. In ACSAC. ACM, 422--435."},{"key":"e_1_3_2_2_4_1","unstructured":"Amazon. 2020. Amazon EC2 P4d Instances. https:\/\/aws.amazon.com\/fr\/ec2\/instance-types\/p4\/"},{"key":"e_1_3_2_2_5_1","unstructured":"Apple. 2020. HomeKit Accessory Development Kit (ADK). https:\/\/github.com\/apple\/HomeKitADK"},{"key":"e_1_3_2_2_6_1","unstructured":"Hamza Assyad. 2018. Now generally available: Amazon CognitoAuthentication Extension Library. https:\/\/aws.amazon.com\/blogs\/developer\/now-generally-available-amazon-cognitoauthentication-extension-library"},{"key":"e_1_3_2_2_7_1","article-title":"Recommendation for Key Management","author":"Barker Elaine B.","year":"2015","unstructured":"Elaine B. Barker and Quynh Dang. 2015. Recommendation for Key Management, Part 3: Application-Specific Key Management Guidance. Technical Report. NIST. SP800--57 Part 3 Rev.1.","journal-title":"Part 3: Application-Specific Key Management Guidance. Technical Report. NIST. SP800--57 Part 3 Rev.1."},{"key":"e_1_3_2_2_8_1","unstructured":"Richard Barnes and Owen Friel. 2018. Usage of PAKE with TLS 1.3. Internet-Draft draft-barnes-tls-pake-04. Internet Engineering Task Force. https:\/\/datatracker.ietf.org\/doc\/html\/draft-barnes-tls-pake-04 Work in Progress."},{"key":"e_1_3_2_2_9_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-45539-6_11"},{"key":"e_1_3_2_2_10_1","volume-title":"IEEE Symposium on Security and Privacy. IEEE Computer Society, 72--84","author":"Steven","unstructured":"Steven M. 
Bellovin and Michael Merritt. 1992. Encrypted key exchange: password-based protocols secure against dictionary attacks. In IEEE Symposium on Security and Privacy. IEEE Computer Society, 72--84."},{"key":"e_1_3_2_2_11_1","volume-title":"Bellovin and Michael Merritt","author":"Steven","year":"1993","unstructured":"Steven M. Bellovin and Michael Merritt. 1993. Augmented Encrypted Key Exchange: A Password-Based Protocol Secure against Dictionary Attacks and Password File Compromise. In CCS. ACM, 244--250."},{"key":"e_1_3_2_2_12_1","unstructured":"Daniel J. Bernstein. 2005. Cache-timing attacks on AES. https:\/\/cr.yp.to\/antiforgery\/cachetiming-20050414.pdf"},{"key":"e_1_3_2_2_13_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-45539-6_12"},{"key":"e_1_3_2_2_14_1","doi-asserted-by":"crossref","unstructured":"Daniel De Almeida Braga Pierre-Alain Fouque and Mohamed Sabt. 2020. Dragonblood is Still Leaking: Practical Cache-based Side-Channel in the Wild. In ACSAC. ACM 291--303.","DOI":"10.1145\/3427228.3427295"},{"key":"e_1_3_2_2_15_1","unstructured":"Elie Bursztein. 2018. The bleak picture of two-factor authentication adoption in the wild. https:\/\/elie.net\/blog\/security\/the-bleak-picture-of-two-factor-authentication-adoption-in-the-wild"},{"key":"e_1_3_2_2_16_1","unstructured":"CFRG. 2020. PAKE Selection. https:\/\/github.com\/cfrg\/pake-selection"},{"key":"e_1_3_2_2_17_1","unstructured":"Chick3nman. 2020. Hashcat v6.1.1 benchmark on the Nvidia Tesla A100 PCIE variant GPU. https:\/\/gist.github.com\/Chick3nman\/d65bcd5c137626c0fcb05078bba9ca89"},{"key":"e_1_3_2_2_18_1","volume-title":"W2SP","author":"Engler John","unstructured":"John Engler, Chris Karlof, Elaine Shi, and Dawn Song. 2009. Is it too late for PAKE?. In W2SP. The Internet Society."},{"key":"e_1_3_2_2_19_1","unstructured":"Rob Faludi. [n.d.]. Who uses Erlang for product development? https:\/\/erlang.org\/faq\/introduction.html#idp32560400"},{"key":"e_1_3_2_2_20_1","unstructured":"Rob Faludi. 2017. 
Introducing the Official Digi XBee Python Library. https:\/\/www.digi.com\/blog\/post\/introducing-the-official-digi-xbee-python-library"},{"key":"e_1_3_2_2_21_1","volume-title":"Developers: How we use SRP, and you can too. https:\/\/blog.1password.com\/developers-how-we-use-srp-and-you-can-too","author":"Fillion Rick","year":"2018","unstructured":"Rick Fillion. 2018. Developers: How we use SRP, and you can too. https:\/\/blog.1password.com\/developers-how-we-use-srp-and-you-can-too"},{"key":"e_1_3_2_2_22_1","volume-title":"Billy Bob Brumley, and Yuval Yarom","author":"Cesar Pereida","year":"2016","unstructured":"Cesar Pereida Garc\u00eda, Billy Bob Brumley, and Yuval Yarom. 2016. \"Make Sure DSA Signing Exponentiations Really are Constant-Time\". In CCS. ACM, 1639--1650."},{"key":"e_1_3_2_2_23_1","volume-title":"Certified Side Channels. In USENIX Security Symposium. USENIX Association","author":"Cesar Pereida","year":"2020","unstructured":"Cesar Pereida Garc\u00eda, Sohaib ul Hassan, Nicola Tuveri, Iaroslav Gridin, Alejandro Cabrera Aldaya, and Billy Bob Brumley. 2020. Certified Side Channels. In USENIX Security Symposium. USENIX Association, 2021--2038."},{"key":"e_1_3_2_2_24_1","volume-title":"CRYPTO (Lecture Notes in Computer Science)","author":"Gentry Craig","unstructured":"Craig Gentry, Philip D. MacKenzie, and Zulfikar Ramzan. 2006. A Method for Making Password-Based Key Exchange Resilient to Server Compromise. In CRYPTO (Lecture Notes in Computer Science), Vol. 4117. Springer, 142--159."},{"key":"e_1_3_2_2_25_1","unstructured":"Matthew Green. 2018. Should you use SRP? https:\/\/blog.cryptographyengineering.com\/should-you-use-srp"},{"key":"e_1_3_2_2_26_1","first-page":"1","article-title":"AuCPace: Efficient verifier-based PAKE protocol tailored for the IIoT","volume":"2019","author":"Haase Bj\u00f6","year":"2019","unstructured":"Bj\u00f6rn Haase and Beno\u00eet Labrique. 2019. AuCPace: Efficient verifier-based PAKE protocol tailored for the IIoT. IACR Trans. 
Cryptogr. Hardw. Embed. Syst., Vol. 2019, 2 (2019), 1--48.","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"e_1_3_2_2_27_1","first-page":"192","article-title":"J-PAKE: Authenticated Key Exchange without PKI","volume":"11","author":"Hao Feng","year":"2010","unstructured":"Feng Hao and Peter Ryan. 2010. J-PAKE: Authenticated Key Exchange without PKI. Trans. Comput. Sci., Vol. 11 (2010), 192--206.","journal-title":"Trans. Comput. Sci."},{"key":"e_1_3_2_2_28_1","first-page":"1","article-title":"Dragonfly Key Exchange","volume":"7664","author":"Harkins Dan","year":"2015","unstructured":"Dan Harkins. 2015. Dragonfly Key Exchange. RFC, Vol. 7664 (2015), 1--18.","journal-title":"RFC"},{"key":"e_1_3_2_2_29_1","unstructured":"ING Bank. 2018. InsideBusiness App security. https:\/\/new.ingwb.com\/en\/service\/insidebusiness-app\/insidebusiness-app-security"},{"key":"e_1_3_2_2_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/242896.242897"},{"key":"e_1_3_2_2_31_1","volume-title":"OPAQUE: An Asymmetric PAKE Protocol Secure Against Pre-computation Attacks. In EUROCRYPT (3) (Lecture Notes in Computer Science)","author":"Jarecki Stanislaw","year":"2018","unstructured":"Stanislaw Jarecki, Hugo Krawczyk, and Jiayu Xu. 2018. OPAQUE: An Asymmetric PAKE Protocol Secure Against Pre-computation Attacks. In EUROCRYPT (3) (Lecture Notes in Computer Science), Vol. 10822. Springer, 456--486."},{"key":"e_1_3_2_2_32_1","volume-title":"ARMageddon: Cache Attacks on Mobile Devices. In USENIX Security Symposium. USENIX Association, 549--564","author":"Lipp Moritz","year":"2016","unstructured":"Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Cl\u00e9mentine Maurice, and Stefan Mangard. 2016. ARMageddon: Cache Attacks on Mobile Devices. In USENIX Security Symposium. USENIX Association, 549--564."},{"key":"e_1_3_2_2_33_1","unstructured":"LogMeIn. 2017. Remote Support and Service Desk Security. 
https:\/\/assets.cdngetgo.com\/b0\/b1\/97dd1f0e42fa8b8e5433333dffae\/gotoassist-remotesupport-servicedesk-security-white-paper.pdf"},{"key":"e_1_3_2_2_34_1","volume-title":"Web conference security. https:\/\/logmeincdn.azureedge.net\/gotomeetingmedia\/-\/media\/pdfs\/UCC_security_white_paper_snapshot_April2020","year":"2020","unstructured":"LogMeIn. 2020. Web conference security. https:\/\/logmeincdn.azureedge.net\/gotomeetingmedia\/-\/media\/pdfs\/UCC_security_white_paper_snapshot_April2020.pdf"},{"key":"e_1_3_2_2_35_1","doi-asserted-by":"publisher","DOI":"10.1090\/S0025-5718-1985-0777282-X"},{"key":"e_1_3_2_2_36_1","doi-asserted-by":"crossref","unstructured":"Mat\u00fas Nemec Dusan Klinec Petr Svenda Peter Sekan and Vashek Matyas. 2017. Measuring Popularity of Cryptographic Libraries in Internet-Wide Scans. In ACSAC. ACM 162--175.","DOI":"10.1145\/3134600.3134612"},{"key":"e_1_3_2_2_37_1","unstructured":"Cubrilovic Nik. 2009. RockYou Hack: From Bad To Worse. https:\/\/techcrunch.com\/2009\/12\/14\/rockyou-hack-security-myspace-facebook-passwords\/"},{"key":"e_1_3_2_2_38_1","volume-title":"Keromytis","author":"Oren Yossef","year":"2015","unstructured":"Yossef Oren, Vasileios P. Kemerlis, Simha Sethumadhavan, and Angelos D. Keromytis. 2015. The Spy in the Sandbox: Practical Cache Attacks in JavaScript and their Implications. In CCS. ACM, 1406--1418."},{"key":"e_1_3_2_2_39_1","unstructured":"Colin Percival. 2005. Cache missing for fun and profit."},{"key":"e_1_3_2_2_40_1","unstructured":"Proton Mail Technologies. 2016. ProtonMail Security Features and Infrastructure. https:\/\/protonmail.com\/blog\/wp-content\/uploads\/2016\/12\/ProtonMail_Authentication_excerpt.pdf"},{"key":"e_1_3_2_2_41_1","volume-title":"ACNS (2) (Lecture Notes in Computer Science)","author":"Russon Andy","unstructured":"Andy Russon. 2021. Threat for the Secure Remote Password Protocol and a Leak in Apple's Cryptographic Library. In ACNS (2) (Lecture Notes in Computer Science), Vol. 12727. 
Springer, 49--75."},{"key":"e_1_3_2_2_42_1","first-page":"1","article-title":"Requirements for Password-Authenticated Key Agreement (PAKE) Schemes","volume":"8125","author":"Marc Schmidt J\u00f6","year":"2017","unstructured":"J\u00f6rn-Marc Schmidt. 2017. Requirements for Password-Authenticated Key Agreement (PAKE) Schemes. RFC, Vol. 8125 (2017), 1--10.","journal-title":"RFC"},{"key":"e_1_3_2_2_43_1","volume-title":"Formal Methods Analysis of the Secure Remote Password Protocol. CoRR","author":"Sherman Alan T.","year":"2020","unstructured":"Alan T. Sherman, Erin Lanus, Moses Liskov, Edward Zieglar, Richard Chang, Enis Golaszewski, Ryan Wnuk-Fink, Cyrus J. Bonyadi, Mario Yaksetig, and Ian Blumenfeld. 2020. Formal Methods Analysis of the Secure Remote Password Protocol. CoRR, Vol. abs\/2003.07421 (2020)."},{"key":"e_1_3_2_2_44_1","first-page":"1","article-title":"Using the Secure Remote Password (SRP) Protocol for TLS Authentication","volume":"5054","author":"Taylor David","year":"2007","unstructured":"David Taylor, Thomas Wu, Nikos Mavrogiannopoulos, and Trevor Perrin. 2007. Using the Secure Remote Password (SRP) Protocol for TLS Authentication. RFC, Vol. 5054 (2007), 1--24.","journal-title":"RFC"},{"key":"e_1_3_2_2_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00031"},{"key":"e_1_3_2_2_46_1","unstructured":"Ronald Volgers. 2016. Exploiting two buggy SRP implementations. https:\/\/www.computest.nl\/nl\/knowledge-platform\/blog\/exploiting-two-buggy-srp-implementations\/"},{"key":"e_1_3_2_2_47_1","first-page":"1","article-title":"a","volume":"2945","author":"Wu Thomas","year":"2000","unstructured":"Thomas Wu. 2000 a. The SRP Authentication and Key Exchange System. RFC, Vol. 2945 (2000), 1--8.","journal-title":"The SRP Authentication and Key Exchange System. RFC"},{"key":"e_1_3_2_2_48_1","first-page":"1","article-title":"b","volume":"2944","author":"Wu Thomas","year":"2000","unstructured":"Thomas Wu. 2000 b. Telnet Authentication: SRP. RFC, Vol. 
2944 (2000), 1--7.","journal-title":"Telnet Authentication: SRP. RFC"},{"key":"e_1_3_2_2_49_1","volume-title":"The Secure Remote Password Protocol","author":"Thomas D. Wu.","unstructured":"Thomas D. Wu. 1998. The Secure Remote Password Protocol. In NDSS. The Internet Society."},{"key":"e_1_3_2_2_50_1","volume-title":"Mastik: A Micro-Architectural Side-Channel Toolkit. https:\/\/cs.adelaide.edu.au\/yval\/Mastik\/","author":"Yarom Yuval","year":"2016","unstructured":"Yuval Yarom. 2016. Mastik: A Micro-Architectural Side-Channel Toolkit. https:\/\/cs.adelaide.edu.au\/yval\/Mastik\/"},{"key":"e_1_3_2_2_51_1","volume-title":"USENIX Security Symposium. USENIX Association, 719--732","author":"Yarom Yuval","year":"2014","unstructured":"Yuval Yarom and Katrina Falkner. 2014. FLUSH+RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack. In USENIX Security Symposium. USENIX Association, 719--732."}],"event":{"name":"CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security","location":"Virtual Event Republic of Korea","acronym":"CCS '21","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications 
Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3460120.3484563","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3460120.3484563","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T20:54:11Z","timestamp":1763499251000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3460120.3484563"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,11,12]]},"references-count":51,"alternative-id":["10.1145\/3460120.3484563","10.1145\/3460120"],"URL":"https:\/\/doi.org\/10.1145\/3460120.3484563","relation":{},"subject":[],"published":{"date-parts":[[2021,11,12]]},"assertion":[{"value":"2021-11-13","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}