Password security is a crucial component of modern internet security. In this paper, we present a provably secure method for password verification using combinatorial group theory. This method relies on the group randomizer system, a subset of the MAGNUS computer algebra system and corrects most of the present problems with challenge response systems, the most common types of password verification. Theoretical security of the considered method depends on several results in asymptotic group theory. We mention further that this method has applications for many other password situations including container security.
References
[1]
Baumslag, G., Brjukhov, Y., Fine, B. and Troeger, D. (2010) Secure Password Verification Using Combinatorial Group Theory. Groups-Complexity-Cryptology, 2, 67-82. https://doi.org/10.1515/gcc.2010.005
[2]
Wikipedia. Challenge-Response Authentication. The Free Encyclopedia.
https://en.wikipedia.org/wiki/Challenge%E2%80%93response_authentication
[3]
Challenge-Response System Based on RSA.
http://www.cag.lcs.mit.edu/rugina/ssh-procedures
[4]
Lysenok, I. (2006) Equations over Free Groups. Private Communication.
[5]
Jitsukawa, T. (2002) Malnormal Subgroups of Free Groups. In: Gilman, R., Shpilrain, V. and Myasnikov, A.G., Eds., Computational and Statistical Group Theory, Contemporary Mathematics, Vol. 298, 83-96.
https://doi.org/10.1090/conm/298/05115
[6]
Baumslag, G. (1993) Topics in Combinatorial Group Theory. Birkhauser.
[7]
Lyndon, R. and Schupp, P. (1978) Combinatorial Group Theory. Springer.
[8]
Magnus, W., Karass, A. and Solitar, D. (1968) Combinatorial Group Theory. Wiley Interscience, New York.
[9]
Camps, T., Rebel, V. and Rosenberger, G. (2008) Einführung in die kombinatorische und die geometrische Gruppentheorie. Berliner Studienreihe zur Mathematik Band 19, Heldermann Verlag.
[10]
Baumslag, G., Fine, B., Kreuzer, M. and Rosenberger, G. (2015) A Course in Mathematical Cryptography. De Gruyter, Berlin.
[11]
Fine, B. and Rosenberger, G. (1999) Algebraic Generalizations of Discrete Groups. Marcel-Dekker, New York.
[12]
Borovik, A., Myasnikov, A.G. and Shpilrain, V. (2002) Measuring Sets in Infinite Groups. In: Gilman, R., Shpilrain, V. and Myasnikov, A.G., Eds., Computational and Statistical Group Theory, Contemporary Mathematics, Vol. 298, 21-42.
https://doi.org/10.1090/conm/298/05112
[13]
Fine, B., Miasnikov, A. and Rosenberger, G. (2009) Generic Properties of Amalgams. Groups-Complexity-Cryptography, 1, 51-61.
[14]
Epstein, D.B.A. (1971) Almost All Subgroups of Lie Group Are Free. Journal of Algebra, 19, 261-262. https://doi.org/10.1016/0021-8693(71)90107-4
[15]
Carstensen, C., Fine, B. and Rosenberger, G. (2010) On Asymptotic Densities and Generic Properties in Finitely Generated Groups. Groups-Complexity-Cryptology, 2, 113-121. https://doi.org/10.1515/gcc.2010.008
[16]
Baumslag, G., Fine, B. and Xu, X. (2006) Cryptosystems Using Linear Groups. Applicable Algebra in Engineering, Communication and Computing, 17, 205-217.
https://doi.org/10.1007/s00200-006-0003-z
[17]
Baumslag, G., Fine, B. and Xu, X. (2006) A Proposed Public Key Cryptosystem Using the Modular Group. In: Fine, B., Gaglione, A.M. and Spellman, D., Eds., Combinatorial Group Theory, Discrete Groups, and Number Theory, Contemporary Mathematics, Vol. 421, 35-44. https://doi.org/10.1090/conm/421/08025
