惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
G
GRAHAM CLULEY
P
Privacy & Cybersecurity Law Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
宝玉的分享
宝玉的分享
P
Proofpoint News Feed
H
Help Net Security
V
Visual Studio Blog
阮一峰的网络日志
阮一峰的网络日志
C
Cisco Blogs
人人都是产品经理
人人都是产品经理
Know Your Adversary
Know Your Adversary
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Recorded Future
Recorded Future
I
Intezer
罗磊的独立博客
T
The Exploit Database - CXSecurity.com
Blog — PlanetScale
Blog — PlanetScale
Malwarebytes
Malwarebytes
Spread Privacy
Spread Privacy
T
Tor Project blog
V
Vulnerabilities – Threatpost
云风的 BLOG
云风的 BLOG
腾讯CDC
B
Blog RSS Feed
Stack Overflow Blog
Stack Overflow Blog
F
Future of Privacy Forum
MyScale Blog
MyScale Blog
Latest news
Latest news
IT之家
IT之家
MongoDB | Blog
MongoDB | Blog
The Hacker News
The Hacker News
S
Securelist
博客园 - 【当耐特】
C
CXSECURITY Database RSS Feed - CXSecurity.com
T
Threat Research - Cisco Blogs
Jina AI
Jina AI
Cisco Talos Blog
Cisco Talos Blog
B
Blog
博客园 - 三生石上(FineUI控件)
Last Week in AI
Last Week in AI
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
M
MIT News - Artificial intelligence
V
V2EX
D
Darknet – Hacking Tools, Hacker News & Cyber Security
The Cloudflare Blog
The GitHub Blog
The GitHub Blog
博客园 - 聂微东
F
Full Disclosure
C
CERT Recently Published Vulnerability Notes

Cryptology ePrint Archive

Symmetric Attribute-Based Encryption from Minimal Hardness Assumptions Quantum and Post-Quantum Blockchain: A Systematic Survey Efficient Homomorphic String Search via TFHE Comments on "Server-Aided Public Key Authenticated Searchable Encryption With Constant Ciphertext and Constant Trapdoor" Updatable Public-Key Encryption from FESTA Sequence-Level Security for Active Weighted Signature Reconfiguration Linear self-equivalence of the known families of APN functions: a unified point of view Can We Tolerate Small Side-Channel Leakages: The Role of Registers in Glitch-Stopping Circuits Signal and Ready to MINGLE: In-Band Gossip for Key Transparency Split-View Detection in E2EE Messengers Constant-Online PVSS from CCA2-Secure Threshold Encryption: A Generic Framework Unified FPGA Design of Kyber and Dilithium with Provable Fault Tolerance Quantum Circuit Implementation and Grover’s Search on the Lightweight Block Cipher KLEIN Family Current trends in AI-Aided Cryptography More from Less: Composable General Multi-Party Computation with Global Public Verifiability from a Single Enclave Only PQKryvos: Post-Quantum Secure E-Voting With Flexible Ballot Formats and Public Tally-Hiding A Blockchain-Based Pre-Verification Access Control Scheme with Vector Commitments and Bulletproofs On weak keys of POK\'{E} Distributed Simon's Algorithm with Less Per-Node Qubit Overhead and Its Application to Cryptanalysis Information-Theoretic Optimistic Verifiable Secret Sharing Modern Portfolio Theory in the Crypto-Wilderness Balanced and Adaptively Secure Asynchronous Common Coin and Byzantine Agreement With Sub-Quadratic Communication Miraidon: MinRank Identification Topology-Hiding Computation From Key Agreement in Diameter-Two Graphs On Local Invariants for Permutation Equivalence Super-intelligence Survival Guide: Verification via Proof-Carrying Output Format-Preserving Encryption Creates a Privacy Attack Surface for Re-Identification Suppressing Hidden Extension-Field Linearity in Rank-Metric Cryptography via Structural Incompatibility DDYF: Differential Dolev-Yao Fuzzing of Cryptographic Protocols Single-Trace Power Analysis of LESS Key Generation BumbleBee: Best-of-Both-Worlds MVBA with Optimal Communication, Latency and Resilience Tradeoffs Maskaglia: A New, Efficient Approach to Masked Discrete Gaussian Sampling Impact of Post-Quantum Signatures on InnoDB B+-Trees and Efficient Batch Signing VeinoCert: Binding an Object to an Owner A New Insight into Constructing Cryptographic Boolean Functions via Walsh Spectral Analysis Quantum algorithm for Discrete Gaussian Sampling A formal analysis of FLEX and FLEX2 Zero-shot deep-unfolding decoder for QC-MDPC McEliece cryptosystems Profiling-Device-Free SASCA Framework for ML-KEM Key-Independent Secret-Key Distinguisher for 7-Round AES based on the Joint Generalized Zero-Difference Property Improved Dual Attack via Quantum Rejection Sampling Verifying Consensus Protocols from LLM-assisted TLA$^+$: A Case Study of Byzantine Reliable Broadcast ThriftyMPC: Reducing the Cost of Large-Scale MPC in the Cloud Revisiting DKLs Threshold ECDSA: Enhanced OT-based VOLE and Two-Party Signing Functional Bootstrapping for a Single LWE Ciphertext with \(\tilde{O}(1)\) Polynomial Multiplications LoTRS: Practical Post-Quantum Structured Threshold Ring Signatures from Lattices Asynchronous Lagrange-Based Threshold FHE with Smaller Modulus Overhead Breaking ACDGV MinRank Gabidulin encryption schemes over matrix codes Explicit cost analysis of Toom-4 multiplication for incomplete NTT in lattice-based cryptography Security Analysis on a Blockchain-based Public-Key Authenticated Searchable Encryption Scheme Icy-DVRF: A Distributed Verifiable Random Function based on FROST signatures Frobenius-UOV: A Very Efficient Multivariate Public Key Signature Scheme Revisiting Linear Subspace Trails in Poseidon2 and Neptune A New Multiscalar Multiplication Method Resistant to Timing Attacks Device Binding for Anonymous Credentials on Legacy Phones Beyond Quadratic: Unlocking Pseudorandomness with Quartic Character Multi-leveled and ISA/IEC 62443-aware Certificate Transparency to Protect the PKI Service Supply Chain of Operational Technology rBFT: a Revamped Two-Stage BFT from Delegated Committee Delving Deep into Security Guarantees against Integral Distinguishers with Applications to PRESENT, TWINE and LBLOCK On the Communication Complexity of Sleepy Consensus Operationalising Post‑Quantum TLS: Automated Configuration Profiling and Hybrid PQC Deployment in Financial Infrastructure Enhancing Blockchain Proof of Stake with Active Weighted Signatures: The ADAPT Framework Threshold FHE with Short Decryption Shares without a Semi-trusted Server Efficient Bootstrapping in Fully Homomorphic Encryption for Matrix Arithmetic YsPIR: HE-Based Single-Server Private Information Retrieval with Low Communication Cost and High Throughput Black-box validation of Falcon key generation under numerical instability Tight Lattice-Based Signatures without Trapdoors from Search LWE Formalizing Blockchain PQC Signature Transition: How to Outpace Quantum Adversaries Early-stopping Consensus with Adaptive Bit Complexity Beyond the Anonymous Inbox: Secure Whistleblowing for All Quantum Circuit Realization and Grover Cryptanalysis of the Hybrid ARX-SPN Cipher GFSPX Anamorphic Construction For The Winternitz OTS Scheme Family Efficient SIMD Implementation of the BLS Signature Scheme Using Intel AVX-512 Constant-Round Secure Distributed Decoding and HQC Threshold Decryption Threshold PRISM Signature Schemes via Graph-Based Threshold Access Structures On MPC-friendly Softmax Optimized G+G Signature On the Investigation of Variants for Discrete Logarithm Problems in Abelian Groups: An Algebraic Structure Approach MAYA: A Short Shuffle Argument With Fast Verification Efficiently deciding and recovering CCZ and EA equivalence for arbitrary vectorial Boolean functions using the partition refinement framework More Efficient SNARKs via Quasi-Abelian Codes: Faster, Smaller, and Field-Agnostic Storing Less in-the-Head: An Area-Efficient Hardware Architecture for SDitH-v2 Pseudonymization and reporters’ protection by design in the EU whistleblower directive Efficient and Privacy-preserving Outsourced Training of Decision Tree Models Based on (Leveled) Fully Homomorphic Encryption SoK: Private LLM Inference using Approximate Homomorphic Encryption First-Order Masked Fine-ShufflingImplementation Against Side-Channel Attackswith Application to ML-KEM BitVM3: Efficient Bitcoin Bridges via Garbled Circuits Zephyr: GPU-Efficient Homomorphic Encryption for Privacy-Preserving Transformer Inference Fair Multiparty Coin Tossing from Minimal Assumptions Improved Quantum Attacks on Iterated Even-Mansour Ciphers with Classical Queries On the Statistical vs. Computational Security of the DKLs23 Multiparty ECDSA Protocol Wombat: Post-Quantum Blind Signature from Standard Group Action Assumptions and More Fully Homomorphic Encryption on the Ring of Gaussian Periods Private Function Evaluation with Linear Complexity LogVOLE: Succinct and Efficient Chosen-Input VOLE for ZK and Beyond RIC: Randomize Invalid Coefficients to Mitigate Side-Channel Assisted Chosen-Ciphertext Attacks on ML-KEM Practical and Verifiable Encrypted Vector Search for Retrieval-Augmented Generation Generic Construction of CCA-Secure PKE from Key-Insulated and Privacy-Preserving Signatures with Publicly Derived Public Key Adaptively Secure Permissive Unbounded Inner Product Functional Encryption from Lattices CUBE: Partially Blind BBS Signatures for Unlinkable Decentralized Identity Towards Practical Committee Sizes in YOSO MPC
Two-Factor Authentication Can Harden Servers Against Offline Password Search
Xavier Boyen · 2026-02-19 · via Cryptology ePrint Archive

Paper 2026/317

Two-Factor Authentication Can Harden Servers Against Offline Password Search

Stanislaw Jarecki, University of California, Irvine

Phillip Nazarian, University of California, Irvine

Jiayu Xu, Oregon State University

Tianyu Zheng, University of California, Los Angeles

Abstract

We propose a novel notion of Two-Factor Authenticated Key Exchange (TFA-KE), defined in the universal composability model (UC), which extends asymmetric PAKE (aPAKE) by a 2nd authentication factor in the form of a $t$-bit one-time code computed by a personal device based on a clock or counter. Our notion strengthens the security of standard integration of aPAKE with short authentication codes by additionally slowing down offline brute-force password search in case of server compromise by a factor of $2^t$. In other words, our TFA-KE notion uses $t$-bit authentication codes not only to improve on-line security of password authentication, as is the current practice, but also to strengthen password security on server corruption, whilst retaining the ability of aPAKE to avoid the common but deplorable practice of relying on "secure-channel" encryption for password protection. We show a generic framework for implementing TFA-KE, with two efficient instantiations. Our key enabling tool is a tight one-way function (TOWF) with an algebraic structure that allows for its evaluation on a secret-shared input. We initiate the study of such functions, and we provide two proposals which we show to be tightly one-way in the Generic Group Model. Tightness means that a function evaluation on an input sampled from domain $\mathcal{X}$ takes $\Omega(|\mathcal{X}|)$ time to invert, which in our application implies that offline password search attacks are slowed to $\Omega(|D|\cdot 2^t)$ for passwords sampled from dictionary $D$.

BibTeX 

@misc{cryptoeprint:2026/317,
      author = {Xavier Boyen and Stanislaw Jarecki and Phillip Nazarian and Jiayu Xu and Tianyu Zheng},
      title = {Two-Factor Authentication Can Harden Servers Against Offline Password Search},
      howpublished = {Cryptology {ePrint} Archive, Paper 2026/317},
      year = {2026},
      doi = {10.1007/978-3-032-25317-0_5},
      url = {https://eprint.iacr.org/2026/317}
}

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。