The Pythia PRF Service

Adam Everspaugh, Rahul Chatterjee, Ari Juels, Samuel Scott, Thomas Ristenpart

Research output: Chapter in Book/Report/Conference proceedingConference contribution


Conventional cryptographic services such as hardware-security modules and
software-based key management systems offer the ability to apply a pseudorandom function (PRF) such as HMAC to inputs of a client's choosing. These services are used, for example, to harden stored password hashes against offline brute-force attacks. We propose a modern PRF service called PYTHIA designed to offer a level of flexibility, security, and ease of deployability lacking in prior approaches.
Original languageEnglish
Title of host publicationProceedings of the 24th USENIX Conference on Security Symposium
PublisherUSENIX Association
Number of pages15
Publication statusPublished - Aug 2015

Cite this