This paper explains the sync problem and compares solutions in Firefox 4 and Chrome 10. The sync problem studies how to securely synchronize data across different computers. Google has added a built-in sync function in Chrome 10, which uses a user-defined password to encrypt bookmarks, history, cached passwords etc. However, due to the low-entropy of passwords, the encryption is inherently weak...

Password-based Authenticated Key-Exchange (PAKE) protocols allow users, who need only to share a password, to compute a high-entropy shared session key despite passwords being taken from a dictionary. Security models for PAKE protocols aim to capture the desired security properties that such protocols must satisfy when executed in the presence of an active adversary. They are usually classified...

In this paper, we propose new password authenticated key exchange (PAKE) and protected password change (PPC) protocols without any symmetric or public-key cryptosystems. The security of the proposed protocols is based on the computational Diffie-Hellman assumption in the random oracle model. The proposed scheme can resist both forgery server and denial of service attacks.

To reduce the damage of phishing and spyware attacks, banks, governments, and other security-sensitive industries are deploying one-time password systems, where users have many passwords and use each password only once. If a single password is compromised, it can be only be used to impersonate the user once, limiting the damage caused. However, existing practical approaches to one-time password...

In [1], the authors presented a unified framework for constructing Universally Composable (UC) secure computation protocols, assuming only enhanced trapdoor permutations. In this work, we weaken the hardness assumption underlying the unified framework to only the existence of a stand-alone secure semi-honest Oblivious Transfer (OT) protocol. The new framwork directly implies new and improved UC...

We provide an NMRPipe macro to meet an increasing need in membrane biophysics for facile de-Pake-ing of axially symmetric deuterium, and to an extent phosphorous, static lineshapes. The macro implements the development of McCabe & Wassall (1997), and is run as a simple replacement for the usual Fourier transform step in an NMRPipe processing procedure.

With the advancement of technology, communications today should be secured by secret session key. A password-authenticated key agreement method is an interactive password based method to establish secret session keys. A number of protocols for Password based Authentication and Key Exchange (PAKE) is designed for the single server environment where each user shares a password with a server. Thes...