Related papers: On the Security of Liaw et al.'s Scheme
Considering computer systems, security is the major concern with usability. Security policies need to be developed to protect information from unauthorized access. Passwords and secrete codes used between users and information systems for…
The majority of systems rely on user authentication on passwords, but passwords have so many weaknesses and widespread use that easily raise significant security concerns, regardless of their encrypted form. Users hold the same password for…
Unauthorized credit inquiries are also a central entry point for identity theft, with Social Security Numbers (SSNs) being widely utilized in fraudulent cases. Traditional credit inquiry systems do not usually possess strict user…
The first step of a secure communication is authenticating legible users and detecting the malicious ones. In the last recent years, some promising schemes proposed using wireless medium network's features, in particular, channel state…
Trusted Execution Environments (TEEs) are rapidly emerging as a root-of-trust for protecting sensitive applications and data using hardware-backed isolated worlds of execution. TEEs provide robust assurances regarding critical algorithm…
Cloud computing can provide a flexible way to effectively share data among multiple users since it can overcome the time and location constraints of computing resource usage. However, the users of cloud computing are still reluctant to…
The Internet of Things (IoT) has rapidly expanded across various sectors, with consumer IoT devices - such as smart thermostats and security cameras - experiencing growth. Although these devices improve efficiency and promise additional…
A secure human identification protocol aims at authenticating human users to a remote server when even the users' inputs are not hidden from an adversary. Recently, the authors proposed a human identification protocol in the RSA Conference…
Very recently, Barman et al. proposed a multi-server authentication protocol using fuzzy commitment. The authors claimed that their protocol provides anonymity while resisting all known attacks. In this paper, we analyze that Barman et…
Relay attacks are a major concern for RFID systems: during an authentication process an adversary transparently relays messages between a verifier and a remote legitimate prover. We present an authentication protocol suited for RFID…
In this paper, we show that by using inertial sensor data generated by a smart ring, worn on the finger, the user can be authenticated when making mobile payments or when knocking on a door (for access control). The proposed system can be…
The Internet of Things (IoT) is an emerging paradigm that allows to set large networks of small and independent devices. To ensure their integrity, practitioners employ so-called Remote Attestation (RA) schemes. Classic RA schemes require a…
One-time login process in conventional authentication systems does not guarantee that the identified user is the actual user throughout the session. However, it is necessary to re-verify the user identity periodically throughout a login…
Authentication and authorization are critical security layers to protect a wide range of online systems, services and content. However, the increased prevalence of wearable and mobile devices, the expectations of a frictionless experience…
To meet the diverse needs of users, the rapid advancement of cloud-edge-device collaboration has become a standard practice. However, this complex environment, particularly in untrusted (non-collaborative) scenarios, presents numerous…
With the ubiquitous advancement in smart medical devices and systems, the potential of Remote Patient Monitoring (RPM) network is evolving in modern healthcare systems. The medical professionals (doctors, nurses, or medical experts) can…
Group authentication is a method of confirmation that a set of users belong to a group and of distributing a common key among them. Unlike the standard authentication schemes where one central authority authenticates users one by one, group…
The proliferation of sensitive information being stored online highlights the pressing need for secure and efficient user authentication methods. To address this issue, this paper presents a novel zero-effort two-factor authentication (2FA)…
Physical unclonable functions have been shown a useful resource of randomness for implementing various cryptographic tasks including entity authentication. All of the related entity authentication protocols that have been discussed in the…
We propose a method for using Web Authentication APIs for SSH authentication, enabling passwordless remote server login with passkeys. These are credentials that are managed throughout the key lifecycle by an authenticator on behalf of the…