Private Password Auditing
Résumé
Password is the foremost mean to achieve data and computer secu-
rity. Hence, choosing a strong password which may withstand dictionary attacks
is crucial in establishing the security of the underlying system. In order to en-
sure that strong passwords are chosen, and that they are periodically updated,
system administrators often rely on password auditors. Several tools aimed at
preventing password misuse have been designed to aid auditors in their task.
We however show that the objective remains a far cry as these tools essentially
reveal the digests corresponding to weak passwords. As a case study, we discuss
the issues with Blackhash, and develop the notion of Private Password Auditing
— a mechanism that does not require the system administrator to reveal pass-
word digests to an external auditor and symmetrically the dictionaries remain
private to the auditor. We further present constructions based on Private Set
Intersection and its variants, and evaluate a proof-of-concept implementation.