Related papers: T/Key: Second-Factor Authentication From Secure Ha…
With the rise of sophisticated authentication bypass techniques, passwords are no longer considered a reliable method for securing authentication systems. In recent years, new authentication technologies have shifted from traditional…
The majority of systems rely on user authentication on passwords, but passwords have so many weaknesses and widespread use that easily raise significant security concerns, regardless of their encrypted form. Users hold the same password for…
A process for the secure transmission of data is presented that has to a certain degree the advantages of the one-time pad (OTP) cipher, that is, simplicity, speed, and information-theoretically security, but overcomes its fundamental…
This work focuses on the problem of detection and prevention of stolen and misused secrets (such as private keys) for authentication toward centralized services. We propose a solution for such a problem based on the blockchain-based…
A one-time pad (OTP) based cipher to insure both data protection and integrity when mobile code arrives to a remote host is presented. Data protection is required when a mobile agent could retrieve confidential information that would be…
We present True2F, a system for second-factor authentication that provides the benefits of conventional authentication tokens in the face of phishing and software compromise, while also providing strong protection against token faults and…
With the recent rise of cryptocurrencies' popularity, the security and management of crypto-tokens have become critical. We have witnessed many attacks on users and providers, which have resulted in significant financial losses. To remedy…
Passwordless authentication was first tested for seamless and secure merchant payments without the use of passwords or pins. It opened a whole new world of authentications giving up the former reliance on traditional passwords. It relied on…
Authentication is the first step toward establishing a service provider and customer (C-P) association. In a mobile network environment, a lightweight and secure authentication protocol is one of the most significant factors to enhance the…
One-time-pad (OTP) encryption simply cannot be cracked, even by a quantum computer. The need of sharing in a secure way supplies of symmetric random keys turned the method almost obsolete as a standing-alone method for fast and large volume…
In the smart grid, smart meters, and numerous control and monitoring applications employ bidirectional wireless communication, where security is a critical issue. In key management based encryption method for the smart grid, the Trusted…
Among the problems to guarantee secrecy for in-transit information, the difficulties involved in renewing cryptographic keys in a secure way using couriers, the perfect secrecy encryption method known as One-Time-Pad (OTP) became almost…
Asymmetric password based key exchange is a key exchange protocol where a client and a server share a low entropic password while the server additionally owns a high entropic secret for a public key. There are simple solutions for this…
Two-factor authentication (2FA) schemes that rely on a combination of knowledge factors (e.g., PIN) and device possession have gained popularity. Some of these schemes remain secure even against strong adversaries that (a) observe the…
This paper presents a novel solution to the age long problem of password security at input level. In our solution, each of the various characters from which a password could be composed is encoded with a random single digit integer and…
Users' devices, e.g., smartphones or laptops, are typically incapable of securely storing and processing cryptographic keys. We present Tandem, a novel set of protocols for securing cryptographic keys with support from a central server.…
Credential theft and remote attacks are the most serious threats to user authentication mechanisms. The crux of these problems is that we cannot control such behaviors. However, if a password does not contain user secrets, stealing it is…
In the distributed environment, authentication and key exchange mechanisms play a major role. In general, for authentication, the client and the server mutually exchange a common cryptographic key. In earlier, passwords were stored on a…
We study the security of a specific authentication procedure of interest in the context of Quantum Key Distribution (QKD). It works as follows: use a secret but fixed Strongly Universal$_2$ (SU$_2$) hash function and encrypt the output tag…
Threshold cryptography has gained momentum in the last decades as a mechanism to protect long term secret keys. Rather than having a single secret key, this allows to distribute the ability to perform a cryptographic operation such as…