Abdolmaleki B, Baecker R, Gerhart P, Graf M, Khalili M, Rausch D, Schröder D (2025)
Publication Type: Conference contribution
Publication year: 2025
Publisher: Springer Science and Business Media Deutschland GmbH
Book Volume: 16250 LNCS
Pages Range: 235-267
Conference Proceedings Title: Lecture Notes in Computer Science
ISBN: 9789819551187
DOI: 10.1007/978-981-95-5119-4_8
Password-Hardened Encryption (PHE) protects against offline brute-force attacks by involving an external ratelimiter that enforces rate-limited decryption without learning passwords or keys. Threshold Password-Hardened Encryption (TPHE), introduced by Brost et al. (CCS’20), distributes this trust among multiple ratelimiters. Despite its promise, the security foundations of TPHE remain unclear. We make three contributions: We uncover a flaw in the proof of Brost et al.’s TPHE scheme, which invalidates its claimed security and leaves the guarantees of existing constructions uncertain; We provide the first universal composability (UC) formalization of PHE and TPHE, unifying previous fragmented models and supporting key rotation, an essential feature for long-term security and related primitives such as updatable encryption; We present the first provably secure TPHE scheme, which is both round-optimal and UC-secure, thus composable in real-world settings; and we implement and evaluate our protocol, demonstrating practical efficiency that outperforms prior work in realistic WAN scenarios.
APA:
Abdolmaleki, B., Baecker, R., Gerhart, P., Graf, M., Khalili, M., Rausch, D., & Schröder, D. (2025). Universally Composable Password-Hardened Encryption. In Goichiro Hanaoka, Bo-Yin Yang (Eds.), Lecture Notes in Computer Science (pp. 235-267). Melbourne, AU: Springer Science and Business Media Deutschland GmbH.
MLA:
Abdolmaleki, Behzad, et al. "Universally Composable Password-Hardened Encryption." Proceedings of the 31st Annual International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2025, Melbourne. Ed. Goichiro Hanaoka, Bo-Yin Yang, Springer Science and Business Media Deutschland GmbH, 2025. 235-267.