RSA Laboratories

An Error-Tolerant Password Recovery Scheme

Niklas Frykholm and Ari Juels

Citation: Frykholm and A. Juels. Error-Tolerant Password Recovery. In P. Samarati, ed., Eighth ACM Conference on Computer and Communications Security, pages 1-8. ACM Press. 2001.

Abstract: Many encryption systems require the user to memorize high entropy passwords or passphrases and reproduce them exactly. This is often a difficult task. We propose a more fault-tolerant scheme, where a high entropy key (or password) is derived from a set of low entropy passwords. The user is able to recover the correct key if she remembers a certain percentage of the passwords correctly. In contrast to other systems that have been proposed for fault-tolerant passwords, our basic design is provably secure against a computationally unbounded attacker.

Click here for paper

Click here for slides

Full Publication List