A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : Safely Turn Authentication Credentials Into Entropy (STACIE)
Author : Ladar Levison
Filename : draft-ladar-stacie-00.txt
Pages : 25
Date : 2015-05-22
Abstract:
This document specifies a method for Safely Turning Authentication
Credentials Into Entropy (STACIE) using an efficient Zero Knowledge
Password Proof (ZKPP), and is provided as a standalone component
suitable for use as a building block in other protocol development
efforts. The scheme was created to fill the emerging need for a
standard which allows a single low entropy password to be used for
user authentication and the derivation of strong encryption keys.
The design is modular, and is conservative in its use of an arbitrary
one-way cryptographic hash function. The security of the scheme
depends on the difficulty associated with reversing the hash function
output back into the plaintext input. STACIE attempts to make
discovering the plaintext input through the use of brute force more
difficult by linking the amount of processing to the length of a
user's plaintext password. The shorter the plaintext password the
more processing time per attempt with the amount of additional,
artificially required, work scaling exponentially for each character.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ladar-stacie/
There's also a htmlized version available at:
https://tools.ietf.org/html/draft-ladar-stacie-00
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
