An Efficient Privacy-Preserving Scheme for Weak Password Collection in Internet of Things against Perpetual Leakage

Password-based authentication is widely applied in Internet of Things (IoT). It allows IoT devices to identify users with passwords to resist unauthorized access. However, choices of weak passwords, especially popular ones, might violate users' privacy and lead to large-scale network attacks. Collection of popular passwords among IoT devices to establish blacklists via a service provider can prevent use of weak passwords. To protect unpopular passwords during collection, existing privacy-preserving schemes rely on expensive cryptographic primitives (e.g., garbled circuits and zero-knowledge proofs), which would impose heavy communication and computation burdens on constrained devices and hinder wide deployment of these schemes. In this paper, we propose EAGER+, an efficient privacy-preserving scheme for weak password collection in IoT against perpetual leakage. EAGER+ is mainly built on secret sharing and symmetric encryption, thereby enabling lightweight computation and communication on IoT devices. In EAGER+, we conceive a password-locked encryption with conditional decryption mechanism to efficiently identify popular passwords, where a password is essentially locked under itself in the encryption to guarantee its security, and the password can be revealed from the ciphertext by the service provider only if a sufficient number of devices exploit it. The mechanism is integrated with a servers-aided password-hardening mechanism to resist offline dictionary guessing attacks. Moreover, EAGER+ uses a key renewal mechanism to periodically update secrets for password hardening on key servers to thwart perpetual leakage towards the secrets. We formally analyze the security of EAGER+, and conduct experimental evaluations to show that EAGER+ is more efficient than existing schemes.