Nothing Special   »   [go: up one dir, main page]

What a lovely hat

Is it made out of tin foil?

Paper 2024/962

Secure Account Recovery for a Privacy-Preserving Web Service

Ryan Little, Boston University
Lucy Qin, Georgetown University
Mayank Varia, Boston University
Abstract

If a web service is so secure that it does not even know—and does not want to know—the identity and contact info of its users, can it still offer account recovery if a user forgets their password? This paper is the culmination of the authors' work to design a cryptographic protocol for account recovery for use by a prominent secure matching system: a web-based service that allows survivors of sexual misconduct to become aware of other survivors harmed by the same perpetrator. In such a system, the list of account-holders must be safeguarded, even against the service provider itself. In this work, we design an account recovery system that, on the surface, appears to follow the typical workflow: the user types in their email address, receives an email containing a one-time link, and answers some security questions. Behind the scenes, the defining feature of our recovery system is that the service provider can perform email-based account validation without knowing, or being able to learn, a list of users' email addresses. Our construction uses standardized cryptography for most components, and it has been deployed in production at the secure matching system. As a building block toward our main construction, we design a new cryptographic primitive that may be of independent interest: an oblivious pseudorandom function that can either have a fully-private input or a partially-public input, and that reaches the same output either way. This primitive allows us to perform online rate limiting for account recovery attempts, without imposing a bound on the creation of new accounts. We provide an open-source implementation of this primitive and provide evaluation results showing that the end-to-end interaction time takes 8.4-60.4 ms in fully-private input mode and 3.1-41.2 ms in partially-public input mode.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Major revision. USENIX Security 2024
Keywords
account recoveryoblivious pseudorandom functionsecure matching system
Contact author(s)
ryanlit @ bu edu
History
2024-06-17: approved
2024-06-14: received
See all versions
Short URL
https://ia.cr/2024/962
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/962,
      author = {Ryan Little and Lucy Qin and Mayank Varia},
      title = {Secure Account Recovery for a Privacy-Preserving Web Service},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/962},
      year = {2024},
      url = {https://eprint.iacr.org/2024/962}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.