Related papers: PALPAS - PAsswordLess PAssword Synchronization
With the rapid advancement of wireless network technology, usage of WSN in real time applications like military, forest monitoring etc. found increasing. Generally WSN operate in an unattended environment and handles critical data.…
Vulnerabilities related to weak passwords are a pressing global economic and security issue. We report a novel, simple, and effective approach to address the weak password problem. Building upon chaotic dynamics, criticality at phase…
Data sharing is a prerequisite for collaborative innovation, enabling organizations to leverage diverse datasets for deeper insights. In real-world applications like FinTech and Smart Manufacturing, transactional data, often in tabular…
Passwords are widely used for client to server authentication as well as for encrypting data stored in untrusted environments, such as cloud storage. Both, authentication and encrypted cloud storage, are usually discussed in isolation. In…
Implicit authentication consists of a server authenticating a user based on the user's usage profile, instead of/in addition to relying on something the user explicitly knows (passwords, private keys, etc.). While implicit authentication…
While many resource-constrained networks, such as Internet of Things (IoT) and Internet of Vehicles (IoV), are inherently distributed, the majority still rely on central servers for fast authentication and data sharing. Blockchain-based…
We introduce GOTCHAs (Generating panOptic Turing Tests to Tell Computers and Humans Apart) as a way of preventing automated offline dictionary attacks against user selected passwords. A GOTCHA is a randomized puzzle generation protocol,…
WPA2-Personal is widely used to protect Wi-Fi networks against illicit access. While attackers typically use GPUs to speed up the discovery of weak network passwords, attacking random passwords is considered to quickly become infeasible…
Recently, Abdalla et al. proposed a new gateway-oriented password-based authenticated key exchange (GPAKE) protocol among a client, a gateway, and an authentication server, where each client shares a human-memorable password with a trusted…
One-time-pad (OTP) encryption simply cannot be cracked, even by a quantum computer. The need of sharing in a secure way supplies of symmetric random keys turned the method almost obsolete as a standing-alone method for fast and large volume…
The current landscape of scientific research is widely based on modeling and simulation, typically with complexity in the simulation's flow of execution and parameterization properties. Execution flows are not necessarily straightforward…
Password authentication suffers from the well-known tradeoff between security and usability. Secure passwords are difficult for users to remember, and memorable passwords are often easy to guess. SPARse Two-dimensional AuthenticatioN…
Key Assignment Schemes (KASs) have been extensively studied in the context of cryptographically-enforced access control, where derived keys are used to decrypt protected resources. In this paper, we explore the use of KASs in entity…
Inverting the hash values by performing brute force computation is one of the latest security threats on password based authentication technique. New technologies are being developed for brute force computation and these increase the…
Remote attestation protocols are widely used to detect device configuration (e.g., software and/or data) compromise in Internet of Things (IoT) scenarios. Unfortunately, the performances of such protocols are unsatisfactory when dealing…
We propose the use of PAKE for achieving and enhancing entity authentication (EA) and key management (KM) in the context of decentralized end-to-end encrypted email and secure messaging, i.e., where neither a public key infrastructure nor…
The ability to hide information from unauthorized individuals has been a prevalent issue over the years. Countless algorithms such as DES, AES and SHA have been developed. These algorithms depend on varying key length and key management…
Security of financial transaction in e-commerce is difficult to implement and there is a risk that users confidential data over the internet may be accessed by hackers. Unfortunately, interacting with an online service such as a banking web…
Location-based Services (LBSs) provide valuable services, with convenient features for users. However, the information disclosed through each request harms user privacy. This is a concern particularly with honest-but-curious LBS servers,…
In network management, when it comes to security breaches, human error constitutes a dominant factor. We present our tool topoS which automatically synthesizes low-level network configurations from high-level security goals. The automation…