Oblivious pseudorandom function: Difference between revisions

Content deleted Content added
Threshold implementations: fixed another similar typo
An improved password manager: Reword and add details to the two mentioned implementations. Remove unsourced sentence that I think I know what it was referring to (from the SPHINX paper) but seemed misleading to me (because more goes into it than just the master/main password) and the mechanism is now explained in more detail by the new text
Line 73:
=== An improved password manager ===
 
Content deleted:

A [[password manager]] is software or a service that holds potentially many different passwords on behalf of the single user.

Access to the password manager, is thus highly sensitive. If it is a service, and that service is attacked, it could expose many of that user's passwords to the attacker.

By using an OPRF, however, passwords for an individual site can be derived from a single [[master password]], without the service being in a position to learn either the user's master password, nor any of the derived passwords produced from it.

The first proposal for a password maanger based on OPRFs was SPHINX.<ref>{{cite book |last1=Shirvanian |first1=Maliheh |last2=Jarecki |first2=Stanislaw |last3=Krawczykz |first3=Hugo |last4=Saxena |first4=Nitesh |chapter=SPHINX: A Password Store that Perfectly Hides Passwords from Itself |title=2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS) |date=2017 |pages=1094–1104 |doi=10.1109/ICDCS.2017.64 |isbn=978-1-5386-1792-2 |s2cid=4781641 |chapter-url=https://ieeexplore.ieee.org/document/7980050}}</ref>

An OPRF is used by the Password Monitor in [[Microsoft Edge]].<ref>{{Cite web|last1=Lauter|first1=Kristin|last2=Kannepalli|first2=Sreekanth|last3=Laine|first3=Kim|last4=Cruz Moreno|first4=Radames|date=January 1, 2021|title=Password Monitor: Safeguarding passwords in Microsoft Edge|url=https://www.microsoft.com/en-us/research/blog/password-monitor-safeguarding-passwords-in-microsoft-edge/|access-date=January 1, 2021|website=Microsoft Research Blog}}</ref>

Content added:

A [[password manager]] is software or a service that holds potentially many different account credentials on behalf of a user. Access to the password manager is thus highly sensitive: an attack could expose many credentials to the attacker.

The first proposal for a password manager based on OPRFs was SPHINX.<ref>{{cite book |last1=Shirvanian |first1=Maliheh |last2=Jarecki |first2=Stanislaw |last3=Krawczykz |first3=Hugo |last4=Saxena |first4=Nitesh |chapter=SPHINX: A Password Store that Perfectly Hides Passwords from Itself |title=2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS) |date=2017 |pages=1094–1104 |doi=10.1109/ICDCS.2017.64 |isbn=978-1-5386-1792-2 |s2cid=4781641 |chapter-url=https://ieeexplore.ieee.org/document/7980050}}</ref> It uses two devices (such as the user's laptop and phone) which collaborate to compute a password for a given account (as identified by the username and website's ___domain name). Because the user's two devices exchange values according to an OPRF protocol, intercepting the connection between them does not reveal anything about the password or the internal values each device used to compute it. Requiring two devices to compute any password also ensures that a compromise of either device does not allow the attacker to compute any of the passwords. A downside of this approach is that the user always needs access to both devices whenever they want to log in to any of their accounts.

An OPRF is used by the Password Monitor in [[Microsoft Edge]] to allow querying a server for whether a credential (which the user saved in the browser) is known to be compromised, without needing to reveal this credential to the server.<ref>{{Cite web|last1=Lauter|first1=Kristin|last2=Kannepalli|first2=Sreekanth|last3=Laine|first3=Kim|last4=Cruz Moreno|first4=Radames|date=January 1, 2021|title=Password Monitor: Safeguarding passwords in Microsoft Edge|url=https://www.microsoft.com/en-us/research/blog/password-monitor-safeguarding-passwords-in-microsoft-edge/|access-date=January 1, 2021|website=Microsoft Research Blog}}</ref>
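Review bot: the added lead sentence defines a password manager as something that "holds potentially many different account credentials", but the SPHINX paragraph that follows describes a system whose two devices compute each password on demand from the username and ___domain name, so nothing the lead says is "held" is ever stored; one bridging clause in the SPHINX paragraph (for example, "rather than storing passwords, SPHINX computes them ...") would make the section consistent with its own definition. The clause "to allow querying a server for whether a credential (which the user saved in the browser) is known to be compromised" in the Edge sentence also reads awkwardly; "to let the browser ask a server whether a saved credential is known to be compromised" says the same thing more directly.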
 
=== A homomorphic key management system ===