Secure Key Storage using Encrypted Negative Password

secure password storage is very much important thing for the systems which are based on password authentication. Because of the simplicity and efficiency it has been widely used. In ourframework, first, the received plain password from a client is hashed through a cryptographic hash function (e.g., SHA-256).Then, the hashed password is converted into a negative password.Finally, the negative password is encrypted into an encrypted negative Password (abbreviated as ENP) using a symmetric-key algorithm (e.g., AES), and multi iteration encryption could be employed to further improve security. The algorithm complexity analyses and comparisons show that the ENP could resist lookup table attack and provide stronger password protection under dictionary attack. It is worthmentioning that the ENP does not introduce extra elements (e.g., salt). Besides this, the ENP could still resist precomputation attacks. Most importantly, the ENP is the first password protection scheme that combines the cryptographic hash function, the negative password and the symmetric-key algorithm, without the need for additional information except the plain password.