Author:
Sebastian Bittl
Affiliation:
Fraunhofer ESK, Germany
Keyword(s):
Hash Chain Design, Perfect Forward Secrecy, One-time Password, Security, Privacy.
Related
Ontology
Subjects/Areas/Topics:
Access Control
;
Applied Cryptography
;
Cryptographic Techniques and Key Management
;
Data Engineering
;
Databases and Data Security
;
Identification, Authentication and Non-Repudiation
;
Information and Systems Security
;
Internet Technology
;
Privacy Enhancing Technologies
;
Security Protocols
;
Web Information Systems and Technologies
Abstract:
One-way hash chains have been used to secure many applications over the last three decades. To overcome the fixed length limitation of first generation designs, so-called infinite length hash chains have been introduced. Such designs typically employ methods of asynchronous cryptography or hash based message authentication codes. However, none of the proposed schemes offers perfect forward secrecy, keeping former outputs secret
once the system got compromised. A novel algorithm for constructing infinite length hash chains with built-in support for perfect forward secrecy is presented in this work. Thereby, the scheme differs significantly from existing proposals by using a combination of two different hash functions. It avoids the computational complexity of public-key algorithms, utilises well studied standard hash functions and keeps the benefits of a hash chain without a length constraint.