Permutation-Based Hash Chains with Application to Password Hashing

• Published in: IACR Transactions on Symmetric Cryptology Vol. 2024; no. 4; pp. 249 - 286
• Main Authors: Lefevre, Charlotte, Mennink, Bart
• Format: Journal Article
• Language: English
• Published: Ruhr-Universität Bochum 01.01.2024
• Subjects: hash chain; one-time passwords; security model; sponge; T/Key; U/Key

Hash chain based password systems are a useful way to guarantee authentication with one-time passwords. The core idea dates back to Lamport, and is specified in RFC 1760 as S/Key. At CCS 2017, Kogan et al. introduced T/Key, an improved password system where one-time passwords are only valid for a li...