N-for-1-Auth: N-wise Decentralized Authentication via One Authentication

Ryan Deng and Weikeng Chen and Raluca Ada Popa

EECS Department, University of California, Berkeley

Technical Report No. UCB/EECS-2021-240

December 1, 2021

http://www2.eecs.berkeley.edu/Pubs/TechRpts/2021/EECS-2021-240.pdf

Decentralizing trust is a fundamental principle in the design of end-to-end encryption and cryptocurrency systems. A common issue in these applications is that users possess critical secrets. If these secrets are lost, users can lose precious data or assets. This issue remains a pain point in the adoption of these systems. Existing approaches such as backing up user secrets through a centralized service or distributing them across N mutually distrusting servers to preserve decentralized trust are either introducing a central point of attack or face usability issues by requiring users to authenticate N times, once to each of the N servers.

We present N-for-1-Auth, a system that preserves distributed trust by enabling a user to authenticate to N servers independently, with the work of only one authentication, thereby offering the same user experience as in a typical centralized system.

Advisors: Raluca Ada Popa

BibTeX citation:

@mastersthesis{Deng:EECS-2021-240,
    Author= {Deng, Ryan and Chen, Weikeng and Popa, Raluca Ada},
    Title= {N-for-1-Auth: N-wise Decentralized Authentication via One Authentication},
    School= {EECS Department, University of California, Berkeley},
    Year= {2021},
    Month= {Dec},
    Url= {http://www2.eecs.berkeley.edu/Pubs/TechRpts/2021/EECS-2021-240.html},
    Number= {UCB/EECS-2021-240},
    Abstract= {Decentralizing trust is a fundamental principle in the design of end-to-end encryption and cryptocurrency systems. A common issue in these applications is that users possess critical secrets. If these secrets are lost, users can lose precious data or assets. 
This issue remains a pain point in the adoption of these systems. Existing approaches such as backing up user secrets through a centralized service or distributing them across N mutually distrusting servers to preserve decentralized trust are either introducing a central point of attack or face usability issues by requiring users to authenticate N times, once to each of the N servers.

We present N-for-1-Auth, a system that preserves distributed trust by enabling a user to authenticate to N servers independently, with the work of only one authentication, thereby offering the same user experience as in a typical centralized system.},
}

EndNote citation:

%0 Thesis
%A Deng, Ryan 
%A Chen, Weikeng 
%A Popa, Raluca Ada 
%T N-for-1-Auth: N-wise Decentralized Authentication via One Authentication
%I EECS Department, University of California, Berkeley
%D 2021
%8 December 1
%@ UCB/EECS-2021-240
%U http://www2.eecs.berkeley.edu/Pubs/TechRpts/2021/EECS-2021-240.html
%F Deng:EECS-2021-240