Password Management and Digital Signatures: Delegation of Cryptographic Servers for Capture-Resilient Devices

01 December 2003


Techniques have recently been proposed by which a device that performs private key operations (signatures or decryptions), and whose private key operations are protected by a password, can be immunized against offline dictionary attacks in case the device is captured. This is done by forcing the device to confirm a password guess with a designated remote server in order to perform a private key operation. In this paper we extend these protocols to allow for dynamic delegation from one server to another, i.e., so that the device can subsequently use the second server to secure its private key operations. One application is to allow a user who is traveling to a foreign country to temporarily delegate to a server local to that country the ability to confirm password guesses and aid the user's device in performing private key operations, or in the limit, to temporarily delegate this ability to a token in the user's possession. Another application is proactive security for the device's private key, i.e., proactive updates to the device and servers to eliminate any threat of offline password guessing attacks due to previously compromised servers.
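The idea in the abstract can be sketched as a simplified model; this is an added example, not the paper's protocol or the authors' code. It assumes an additive split of a toy RSA exponent (a password-derived device share plus a server share), a server that stores its share directly, and hypothetical names `Server`, `Device`, `enroll` and `delegate`.

```python
import hashlib, hmac, secrets

# Constructed toy RSA key from two Mersenne primes; far too small for real use.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N, PHI = P * Q, (P - 1) * (Q - 1)
D = pow(E, -1, PHI)  # full private exponent, used only at enrollment

def kdf(password, salt, label):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt + label, 10_000)

class Server:
    """Holds one key share and a password verifier; limits bad guesses."""
    MAX_BAD = 3
    def __init__(self, verifier, d2):
        self.verifier, self.d2, self.bad = verifier, d2, 0
    def _confirm(self, proof):
        if self.bad >= self.MAX_BAD:
            raise PermissionError("locked")
        if not hmac.compare_digest(proof, self.verifier):
            self.bad += 1
            raise PermissionError("bad password")
    def partial_sign(self, proof, m):
        self._confirm(proof)
        return pow(m, self.d2, N)  # d2 may be negative after delegation (Python 3.8+)
    def delegate(self, proof, delta, new_verifier):
        self._confirm(proof)  # only a confirmed user may delegate
        return Server(new_verifier, self.d2 + delta)  # share for the second server

class Device:
    """Stores only a salt, so a captured device has nothing to test guesses against."""
    def __init__(self):
        self.salt = secrets.token_bytes(16)
    def d1(self, pw):
        return int.from_bytes(kdf(pw, self.salt, b"share"), "big")
    def proof(self, pw):
        return kdf(pw, self.salt, b"verify")
    def sign(self, server, pw, m):
        sig = pow(m, self.d1(pw), N) * server.partial_sign(self.proof(pw), m) % N
        if pow(sig, E, N) != m % N:
            raise ValueError("shares do not combine to a valid signature")
        return sig

def enroll(pw):
    dev = Device()
    return dev, Server(dev.proof(pw), (D - dev.d1(pw)) % PHI)

def delegate(dev, server, pw):
    new = Device()  # fresh salt: new device share, same overall exponent d1 + d2
    delta = dev.d1(pw) - new.d1(pw)
    return new, server.delegate(dev.proof(pw), delta, new.proof(pw))
```

Because the device share and the server share always sum to the same exponent, re-running `delegate` also models a proactive refresh: the old server's share is useless with the new device state.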