Abstract: Techniques are provided for secure detection and management of compromised credentials. A first candidate credential is received, comprising a first username and a first password, wherein the first candidate credential was sent in a first request from a first client computer to log in to a first server computer. A first salt associated with the first username in a salt database is obtained. A first hashed credential is generated based on the first password and the first salt. The first hashed credential is transmitted to a set model server computer, wherein the set model server computer is configured to maintain a set model that represents a set of spilled credentials, determine whether the first hashed credential is represented in the set model, and in response to determining that the first hashed credential is represented in the set model, performing additional processing on the first hashed credential.

Abstract: Techniques are provided for secure detection and management of compromised credentials. A first candidate credential is received, comprising a first username and a first password, wherein the first candidate credential was sent in a first request from a first client computer to log in to a first server computer. A first salt associated with the first username in a salt database is obtained. A first hashed credential is generated based on the first password and the first salt. The first hashed credential is transmitted to a set model server computer, wherein the set model server computer is configured to maintain a set model that represents a set of spilled credentials, determine whether the first hashed credential is represented in the set model, and in response to determining that the first hashed credential is represented in the set model, performing additional processing on the first hashed credential.

Abstract: This disclosure contains three parts. First, it provides a quantitative analysis on the weaknesses of the physical layer built-in security of the operational and the proposed 3G spread spectrum based wireless communication systems. Second, it incorporates advanced cryptographic techniques into wireless transceiver design. More specifically, it proposes an AES based secure scrambling process to enhance the physical layer built-in security of spread spectrum systems, and therefore formulates a joint physical layer and network layer privacy protection scheme. Third, it provides an AES based secure interleaving process to ensure excellent system performance over channels experiencing severe fading and/or burst errors. The proposed schemes can be extended to general wireless systems in multiple ways.