Efficient and anonymous password-hardened encryption services

Password-based authentication and encryption schemes are commonly employed to ensure data privacy. Nevertheless, these schemes are vulnerable to brute-force attacks, as user passwords have low-entropy. Password-hardened encryption (PHE) was proposed to combat brute-force attacks by introducing an external crypto service to enforce rate limiting for user requests. However, existing PHE schemes fail to provide user anonymity and need to rely on computationally expensive cryptographic primitives (e.g. zero-knowledge proofs and exponentiations). In this paper, we introduce cross-epoch anonymity in PHE to trade off rate limiting and per-user anonymity. The user requests within the same epoch can be linked by the external crypto service to enforce rate limiting and defend against brute-force attacks, while the requests from different epochs cannot be linked to specific users, ensuring per-user anonymity. Subsequently, we propose an anonymous PHE (APHE) scheme that leverages the trusted execution environment provided by Intel SGX to achieve cross-epoch anonymity. Our scheme achieves both soundness and strong soundness without using zero-knowledge proofs and exponentiations. Sensitive operations are executed within the trusted execution environment, leading to significant performance improvements. The evaluation results demonstrate that our scheme outperforms the state-of-the-art PHE scheme with more than 12/9 times lower latencies for encryption/decryption.