Präsentation Master Thesis Marius Frinken: „Password-based Secure Cloud Storage“

Am 27. Mai 2021 um 16 Uhr stellt Marius Frinken seine Abschlussarbeit zum Thema „Password-based Secure Cloud Storage“ vor.

Die Informationen zur Einwahl via Zoom finden Sie hier.

Unten stehend finden Sie die Kurzfassung des Vortrags in englischer Sprache.

Using a cloud storage service like Dropbox is currently the defacto standard for sharing files over the Internet. Passwords are currently the dominating authentication method for such services. Cloud services that offer end-to-end encryption like tresorit mostly rely on hashing the user-chosen password to authenticate the user and simultaneously derive the necessary encryption keys. This exposes this type of system to offline brute-force attacks; a stolen database of password hashes allows an attacker to systematically guess the password while being unattached to the system. The newly developed password-hardened encryption (PHE) approach eliminates this attack surface while strictly limiting online guessing attempts. In this thesis, we explore how PHE can be utilized to create a secure and efficient password-based cloud sharing system. We explore what notions of security are feasible within such a system and provide a construction that meets our demands. The security and the efficiency of this construction is fundamentally analyzed and discussed in detail.