Skip to main content

Advertisement

Springer Nature Link
Log in
Menu
Find a journal Publish with us Track your research
Search
Saved research
Cart
  1. Home
  2. Advances in Cryptology – CRYPTO 2012
  3. Conference paper

Multi-instance Security and Its Application to Password-Based Cryptography

  • Conference paper
  • pp 312–329
  • Cite this conference paper
Save conference paper
View saved research
Advances in Cryptology – CRYPTO 2012 (CRYPTO 2012)
Multi-instance Security and Its Application to Password-Based Cryptography
  • Mihir Bellare18,
  • Thomas Ristenpart19 &
  • Stefano Tessaro20 

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7417))

Included in the following conference series:

  • Annual Cryptology Conference
  • 6428 Accesses

  • 43 Citations

Abstract

This paper develops a theory of multi-instance (mi) security and applies it to provide the first proof-based support for the classical practice of salting in password-based cryptography. Mi-security comes into play in settings (like password-based cryptography) where it is computationally feasible to compromise a single instance, and provides a second line of defense, aiming to ensure (in the case of passwords, via salting) that the effort to compromise all of some large number m of instances grows linearly with m. The first challenge is definitions, where we suggest LORX-security as a good metric for mi security of encryption and support this claim by showing it implies other natural metrics, illustrating in the process that even lifting simple results from the si setting to the mi one calls for new techniques. Next we provide a composition-based framework to transfer standard single-instance (si) security to mi-security with the aid of a key-derivation function. Analyzing password-based KDFs from the PKCS#5 standard to show that they meet our indifferentiability-style mi-security definition for KDFs, we are able to conclude with the first proof that per password salts amplify mi-security as hoped in practice. We believe that mi-security is of interest in other domains and that this work provides the foundation for its further theoretical development and practical application.

Download to read the full chapter text

Chapter PDF

Similar content being viewed by others

Multi-instance Secure Public-Key Encryption

Chapter © 2023

Cryptographic Treatment of Key Control Security

Chapter © 2025

Key Derivation Functions Without a Grain of Salt

Chapter © 2025

Explore related subjects

Discover the latest articles, books and news in related subjects, suggested using machine learning.
  • Cryptology
  • Data and Information Security
  • IT Security Awareness
  • Principles and Models of Security
  • Security Services
  • Security Science and Technology
  • Security Protocols for Networked Systems

References

  1. Abadi, M., Warinschi, B.: Password-Based Encryption Analyzed. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 664–676. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  2. Baudron, O., Pointcheval, D., Stern, J.: Extended Notions of Security for Multicast Public Key Cryptosystems. In: Montanari, U., Rolim, J.D.P., Welzl, E. (eds.) ICALP 2000. LNCS, vol. 1853, pp. 499–511. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  3. Bellare, M., Boldyreva, A., Micali, S.: Public-Key Encryption in a Multi-user Setting: Security Proofs and Improvements. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 259–274. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  4. Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A concrete security treatment of symmetric encryption. In: 38th FOCS, pp. 394–403. IEEE Computer Society Press (October 1997)

    Google Scholar 

  5. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated Key Exchange Secure against Dictionary Attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  6. Bellare, M., Ristenpart, T., Tessaro, S.: Multi-instance security and its application to password-based cryptography. Cryptology ePrint Archive, Report 2012/196 (2012), http://eprint.iacr.org/

  7. Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: Ashby, V. (ed.) ACM CCS 1993, pp. 62–73. ACM Press (November 1993)

    Google Scholar 

  8. Boyen, X.: Halting password puzzles: hard-to-break encryption from human-memorable keys. In: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, p. 9. USENIX Association (2007)

    Google Scholar 

  9. Boyen, X.: New Paradigms for Password Security (Abstract from the Keynote Lecture). In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol. 5107, pp. 1–5. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  10. Canetti, R., Halevi, S., Katz, J., Lindell, Y., MacKenzie, P.: Universally Composable Password-Based Key Exchange. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 404–421. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  11. Coron, J.-S., Dodis, Y., Malinaud, C., Puniya, P.: Merkle-Damgård Revisited: How to Construct a Hash Function. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 430–448. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  12. Dodis, Y., Gennaro, R., Håstad, J., Krawczyk, H., Rabin, T.: Randomness Extraction and Key Derivation Using the CBC, Cascade and HMAC Modes. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 494–510. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  13. Dodis, Y., Impagliazzo, R., Jaiswal, R., Kabanets, V.: Security Amplification for Interactive Cryptographic Primitives. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 128–145. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  14. Gennaro, R., Lindell, Y.: A Framework for Password-Based Authenticated Key Exchange. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 524–543. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  15. Goldreich, O.: Three XOR-Lemmas — An exposition (1995), http://www.wisdom.weizmann.ac.il/

  16. Goldreich, O., Impagliazzo, R., Levin, L.A., Venkatesan, R., Zuckerman, D.: Security preserving amplification of hardness. In: 31st FOCS, pp. 318–326. IEEE Computer Society Press (October 1990)

    Google Scholar 

  17. Goldreich, O., Levin, L.A.: A hard-core predicate for all one-way functions. In: 21st ACM STOC, pp. 25–32. ACM Press (May 1989)

    Google Scholar 

  18. Goldreich, O., Nisan, N., Wigderson, A.: On Yao’s XOR-Lemma. In: Goldreich, O. (ed.) Studies in Complexity and Cryptography. LNCS, vol. 6650, pp. 273–301. Springer, Heidelberg (2011)

    Google Scholar 

  19. Haitner, I., Harnik, D., Reingold, O.: On the Power of the Randomized Iterate. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 22–40. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  20. Impagliazzo, R., Kabanets, V.: Constructive Proofs of Concentration Bounds. In: Serna, M., Shaltiel, R., Jansen, K., Rolim, J. (eds.) APPROX and RANDOM 2010, LNCS, vol. 6302, pp. 617–631. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  21. Kelsey, J., Schneier, B., Hall, C., Wagner, D.: Secure Applications of Low-Entropy Keys. In: Okamoto, E., Davida, G., Mambo, M. (eds.) ISW 1997. LNCS, vol. 1396, pp. 121–134. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  22. Kohno, T.: Attacking and repairing the winZip encryption scheme. In: Atluri, V., Pfitzmann, B., McDaniel, P. (eds.) ACM CCS 2004, pp. 72–81. ACM Press (October 2004)

    Google Scholar 

  23. Krawczyk, H.: Cryptographic Extraction and Key Derivation: The HKDF Scheme. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 631–648. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  24. Luby, M., Rackoff, C.: A Study of Password Security. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 392–397. Springer, Heidelberg (1988)

    Google Scholar 

  25. Maurer, U.M., Pietrzak, K., Renner, R.: Indistinguishability Amplification. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 130–149. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  26. Maurer, U.M., Renner, R., Holenstein, C.: Indifferentiability, Impossibility Results on Reductions, and Applications to the Random Oracle Methodology. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 21–39. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  27. Maurer, U., Tessaro, S.: Computational Indistinguishability Amplification: Tight Product Theorems for System Composition. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 355–373. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  28. Maurer, U., Tessaro, S.: A Hardcore Lemma for Computational Indistinguishability: Security Amplification for Arbitrarily Weak PRGs with Optimal Stretch. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 237–254. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  29. Morris, R., Thompson, K.: Password security: a case history. Commun. ACM 22, 594–597 (1979)

    Article  Google Scholar 

  30. Myers, S.: Efficient amplification of the security of weak pseudo-random function generators. Journal of Cryptology 16(1), 1–24 (2003)

    Article  MathSciNet  MATH  Google Scholar 

  31. Panconesi, A., Srinivasan, A.: Randomized distributed edge coloring via an extension of the chernoff-hoeffding bounds. SIAM J. Comput. 26(2), 350–368 (1997)

    Article  MathSciNet  MATH  Google Scholar 

  32. PKCS #5: Password-based cryptography standard (rfc 2898). RSA Data Security Inc, Version 2.0 (September 2000)

    Google Scholar 

  33. Ristenpart, T., Shacham, H., Shrimpton, T.: Careful with Composition: Limitations of the Indifferentiability Framework. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 487–506. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  34. Tessaro, S.: Security Amplification for the Cascade of Arbitrarily Weak PRPs: Tight Bounds via the Interactive Hardcore Lemma. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 37–54. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  35. Unger, F.: A probabilistic inequality with applications to threshold direct-product theorems. In: 50th FOCS, pp. 221–229. IEEE Computer Society Press (October 2009)

    Google Scholar 

  36. Wagner, D., Goldberg, I.: Proofs of Security for the Unix Password Hashing Algorithm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 560–572. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  37. Yao, A.C.: Theory and applications of trapdoor functions. In: 23rd FOCS, pp. 80–91. IEEE Computer Society Press (November 1982)

    Google Scholar 

  38. Yao, F.F., Yin, Y.L.: Design and Analysis of Password-Based Key Derivation Functions. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 245–261. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science & Engineering, University of California San Diego, California, USA

    Mihir Bellare

  2. Department of Computer Sciences, University of Wisconsin - Madison, Madison, USA

    Thomas Ristenpart

  3. CSAIL, Massachusetts Institute of Technology, Cambridge, USA

    Stefano Tessaro

Authors
  1. Mihir Bellare
    View author publications

    Search author on:PubMed Google Scholar

  2. Thomas Ristenpart
    View author publications

    Search author on:PubMed Google Scholar

  3. Stefano Tessaro
    View author publications

    Search author on:PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, University of Calgary, 2500 University Drive NW, T2N 1N4, Calgary, AB, Canada

    Reihaneh Safavi-Naini

  2. Department of Computer Science, University of Boston, 111 Cummington Street, 02215, Boston, MA, USA

    Ran Canetti

Rights and permissions

Reprints and permissions

Copyright information

© 2012 International Association for Cryptologic Research 2012

About this paper

Cite this paper

Bellare, M., Ristenpart, T., Tessaro, S. (2012). Multi-instance Security and Its Application to Password-Based Cryptography. In: Safavi-Naini, R., Canetti, R. (eds) Advances in Cryptology – CRYPTO 2012. CRYPTO 2012. Lecture Notes in Computer Science, vol 7417. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-32009-5_19

Download citation

  • .RIS
  • .ENW
  • .BIB
  • DOI: https://doi.org/10.1007/978-3-642-32009-5_19

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-32008-8

  • Online ISBN: 978-3-642-32009-5

  • eBook Packages: Computer ScienceComputer Science (R0)Springer Nature Proceedings Computer Science

Share this paper

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Keywords

  • Random Oracle
  • Security Notion
  • Test Oracle
  • Brute Force Attack
  • Symmetric Encryption Scheme

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Publish with us

Policies and ethics

Search

Navigation

  • Find a journal
  • Publish with us
  • Track your research

Footer Navigation

Discover content

  • Journals A-Z
  • Books A-Z
  • Subjects A-Z

Publish with us

  • Journal finder
  • Publish your research
  • Language editing
  • Open access publishing

Products and services

  • Our products
  • Librarians
  • Societies
  • Partners and advertisers

Our brands

  • Springer
  • Nature Portfolio
  • BMC
  • Palgrave Macmillan
  • Apress
  • Discover

Corporate Navigation

  • Your US state privacy rights
  • Accessibility statement
  • Terms and conditions
  • Privacy policy
  • Help and support
  • Legal notice
  • Cancel contracts here

104.23.243.59

Not affiliated

Springer Nature

© 2026 Springer Nature