all InfoSec news
SweetPAKE: Key exchange with decoy passwords
Feb. 26, 2024, 2:36 a.m. |
IACR News www.iacr.org
ePrint Report: SweetPAKE: Key exchange with decoy passwords
Afonso Arriaga, Peter Y.A. Ryan, Marjan Skrobot
Decoy accounts are often used as an indicator of the compromise of sensitive data, such as password files. An attacker targeting only specific known-to-be-real accounts might, however, remain undetected. A more effective method proposed by Juels and Rivest at CCS'13 is to maintain additional fake passwords associated with each account. An attacker who gains access to the password file is unable to tell apart real …
accounts attacker compromise data decoy eprint report exchange files key password passwords peter real report sensitive sensitive data targeting undetected
More from www.iacr.org / IACR News
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Offensive Security Engineer
@ Ivanti | United States, Remote
Senior Security Engineer I
@ Samsara | Remote - US
Senior Principal Information System Security Engineer
@ Chameleon Consulting Group | Herndon, VA
Junior Detections Engineer
@ Kandji | San Francisco
Data Security Engineer/ Architect - Remote United States
@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700