Comments on P1363.2 D25. August 24, 2006. Kaliski/1 (technical). D.188.8.131.52.1 [B15] also describes a multi-server scheme that obtains a retrieved key using just one PKRS-1 server, plus another non-PKRS-1 server.
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
August 24, 2006
“Alternatively, the master key could be derived from a single PKRS-1 retrieved key and a component stored on another (non-PKRS-1) server, where the Client must demonstrate knowledge of the retrieved key to the second server in order to obtain the component. This variant protects the password against compromise of the PKRS-1 server.”
“⎯ using oKCF = Hash(Z || ), which prevents the Server from fooling the Client without first correctly guessing the password, or”
“⎯ using oKCF = Hash(Hash(Z1||Z2|| … Zn) || ), where the Zi values are derived using PKRS-1 with n distinct Servers, which prevents each Server from fooling the Client without first correctly guessing the password, or”
Agree with these changes.