Related papers: On the Security of Liaw et al.'s Scheme
Remote SIM provisioning (RSP) for consumer devices is the protocol specified by the GSM Association for downloading SIM profiles into a secure element in a mobile device. The process is commonly known as eSIM, and it is expected to replace…
In this paper we propose Time Synchronized One-Time-Password scheme to provide secure wake up authentication. The main constraint of wireless sensor networks is their limited power resource that prevents us from using radio transmission…
Risk-based authentication (RBA) extends authentication mechanisms to make them more robust against account takeover attacks, such as those using stolen passwords. RBA is recommended by NIST and NCSC to strengthen password-based…
An authenticated encryption scheme allows messages to be encrypted and authenticated simultaneously. In 2003, Ma and Chen proposed such a scheme with public verifiability. That is, in their scheme the receiver can efficiently prove to a…
Keystroke timing based active authentication systems are conceptually attractive because: (i) they use the keyboard as the sensor and are not hardware-cost prohibitive, and (ii) they use the keystrokes generated from normal usage of…
With the development of Internet, privacy has become a primary concern of users. Anonymous authentication plays an important role in privacy-preserving systems. A $k$-times anonymous authentication ($k$-TAA) scheme allows a group member to…
Personal authentication is an important process we encounter almost every day; when we are logging on a computer, entering a company where we work, or a restricted area, when we are using our plastic credit cards to pay for a service or to…
User authentication can rely on various factors (e.g., a password, a cryptographic key, biometric data) but should not reveal any secret or private information. This seemingly paradoxical feat can be achieved through zero-knowledge proofs.…
This article presents an analysis of the secure key broadcasting scheme proposed by Wu, Ruan, Lai and Tseng. The study of the parameters of the system is based on a connection with a special type of symmetric equations over finite fields.…
With the rapid advancements in technology, automation has emerged as the future of human endeavors. From simple tasks like attendance management to complex security systems, automation has the potential to revolutionize various aspects of…
In this work, we exploit a serious security flaw in a code-based signature scheme from a 2019 work by Liu, Yang, Han and Wang. They adapt the McEliece cryptosystem to obtain a new scheme and, on top of this, they design an efficient digital…
With the rising number of IoT devices, the security of such devices becomes increasingly important. Remote attestation (RA) is a distinct security service that allows a remote verifer to reason about the state of an untrusted remote prover…
Online services commonly attempt to verify the legitimacy of users with CAPTCHAs. However, CAPTCHAs are annoying for users, often difficult for users to solve, and can be defeated using cheap labor or, increasingly, with improved…
Social authentication has been suggested as a usable authentication ceremony to replace manual key authentication in messaging applications. Using social authentication, chat partners authenticate their peers using digital identities…
Shamir or Blakley secret sharing schemes are used for the authentication process in the studies before, but still secure group authentication and hand-over process remain as challenges in group authentication approaches. In this study, a…
Transparent authentication (TA) schemes are those in which a user is authenticated by a verifier without requiring explicit user interaction. By doing so, those schemes promise high usability and security simultaneously. The majority of TA…
Authentication with username and password is becoming an inconvenient process for the user. End users typically have little control over their personal privacy, and data breaches effecting millions of users have already happened several…
Mutual TLS (mTLS) provides strong, certificate-based authentication for both clients and servers, yet its adoption for user-facing websites remains rare. This paper presents a longitudinal study of mTLS usability, tracking 46 senior and…
The Internet of Medical Things (IoMT) has revolutionized healthcare by transforming medical operations into standardized, interoperable services. However, this service-oriented model introduces significant security vulnerabilities in device…
Biometric authentication systems are presented as the best way to reach high security levels in controlling access to IT systems or sensitive infrastructures. But several issues are often not taken properly into account. In order for the…