sudo apt-get update
sudo apt-get install git gcc g++ cmake libsodium-dev libssl-dev -y
sudo apt-get install pkg-config libworkflow-dev -ymkdir build
cd build
cmake .. -DCMAKE_BUILD_TYPE=Debug
makelibPreAcher.a is generated in the build directory.
There is an RSA private key at test/server.pem, this key is used for encrypting the password. The corresponding public key is embedded at
test/share/static/js/single_client.js::EncryptNonceBase64.
Before running the test, you need to generate the certificate and key files for the HTTPS server. Ideally, you should use a valid certificate signed by a trusted certificate authority. However, for testing purposes, you can generate a self-signed certificate using the following command:
openssl req -x509 -newkey rsa:4096 -keyout localhost.key -out localhost.crt -sha256 -days 3650 -nodes -subj "/"
mv localhost.key test/share/cert/
mv localhost.crt test/share/cert/The test executable can be built by running the following command:
cd build
make cdn server hash-cdn hash-serverThey will be generated in the build/test directory.
Run the server:
cd build/test
# For PreAcher
./cdn&
./server&
# For DuoHash
./hash-cdn&
./hash-server&Visit the website at https://localhost:8000/ and test the system.
Please cite us if this work is helpful to you.
@inproceedings{DBLP:conf/nsdi/preacher,
author = {Shihan Lin and
Suting Chen and
Yunming Xiao and
Yanqi Gu and
Xiaowei Yang and
Aleksandar Kuzmanovic},
title = {PreAcher: Secure and Practical Password Pre-Authentication by Content Delivery Networks},
booktitle = {22nd {USENIX} Symposium on Networked Systems Design and Implementation,
{NSDI} 2025, Philadelphia, PA, April 28-30, 2025},
publisher = {{USENIX} Association},
year = {2025}
}
... Thanks for their great work!