English
Related papers

Related papers: T/Key: Second-Factor Authentication From Secure Ha…

200 papers

We construct a new protocol for attribute-based encryption with the use of the modification of the standard secret sharing scheme. In the suggested modification of the secret sharing scheme, only one master key for each user is required…

Cryptography and Security · Computer Science 2020-11-24 M. A. Kudinov , A. A. Chilikov , E. O. Kiktenko , A. K. Fedorov

Passwordless authentication has revolutionized the way we authenticate across various websites and services. FIDO2 Passkeys, is one of the most-widely adopted standards of passwordless authentication that promises phishing-resistance.…

Cryptography and Security · Computer Science 2025-12-29 Aditya Mitra , Sibi Chakkaravarthy Sethuraman

We present the first general construction of a Multi-Factor Key Derivation Function (MFKDF). Our function expands upon password-based key derivation functions (PBKDFs) with support for using other popular authentication factors like TOTP,…

Cryptography and Security · Computer Science 2023-08-31 Vivek Nair , Dawn Song

We propose a two-factor authentication (2FA) mechanism called 2D-2FA to address security and usability issues in existing methods. 2D-2FA has three distinguishing features: First, after a user enters a username and password on a login…

Cryptography and Security · Computer Science 2021-11-01 Maliheh Shirvanian , Shashank Agrawal

The existing authentication system has two entry points (i.e., username and password fields) to interact with the outside, but neither of them has a gatekeeper, making the system vulnerable to cyberattacks. In order to ensure the…

Cryptography and Security · Computer Science 2024-09-26 Suyun Borjigin

The use of passwords and the need to protect passwords are not going away. The majority of websites that require authentication continue to support password authentication. Even high-security applications such as Internet Banking portals,…

Networking and Internet Architecture · Computer Science 2020-11-13 Teik Guan Tan , Pawel Szalachowski , Jianying Zhou

Today, Internet of Things (IoT) technology is being increasingly popular which is applied in a wide range of industry sectors such as healthcare, transportation and some critical infrastructures. With the widespread applications of IoT…

Cryptography and Security · Computer Science 2019-02-12 Jingwei Liu , Ailian Ren , Lihuan Zhang , Rong Sun , Xiaojiang Du , Mohsen Guizani

To prevent password breaches and guessing attacks, banks increasingly turn to two-factor authentication (2FA), requiring users to present at least one more factor, such as a one-time password generated by a hardware token or received via…

Cryptography and Security · Computer Science 2015-01-20 Kat Krol , Eleni Philippou , Emiliano De Cristofaro , M. Angela Sasse

Electronic documents are signed using private keys and verified using the corresponding digital certificates through the well-known public key infrastructure model. Private keys must be kept in a safe container so they can be reused. This…

Cryptography and Security · Computer Science 2024-08-02 Lucas Mayr , Gustavo Zambonin , Frederico Schardong , Ricardo Custódio

Information-theoretic topological secure aggregation (TSA)\cite{zhang2026information_regular} enables distributed users to compute neighborhood sums over arbitrary networks without revealing individual inputs, while remaining…

Information Theory · Computer Science 2026-05-06 Xiang Zhang , Han Yu , Zhou Li , Yizhou Zhao , Giuseppe Caire

Passwords are ubiquitous and most commonly used to authenticate users when logging into online services. Using high entropy passwords is critical to prevent unauthorized access and password policies emerged to enforce this requirement on…

Cryptography and Security · Computer Science 2018-02-15 Khoa Nguyen , Benjamin Hong Meng Tan , Huaxiong Wang

To protect users from data breaches and phishing attacks, service providers typically implement two-factor authentication (2FA) to add an extra layer of security against suspicious login attempts. However, since 2FA can sometimes hinder…

Cryptography and Security · Computer Science 2024-11-19 Zhi Wang , Xin Yang , Du Chen , Han Gao , Meiqi Tian , Yan Jia , Wanpeng Li

In blockchains such as Bitcoin and Ethereum, transactions represent the primary mechanism that the external world can use to trigger a change of blockchain state. Transactions serve as key sources of evidence and play a vital role in…

Cryptography and Security · Computer Science 2024-05-15 Chao Li , Balaji Palanisamy

Storing data on an external server with information-theoretic security, while using a key shorter than the data itself, is impossible. As an alternative, we propose a scheme that achieves information-theoretically secure tamper evidence:…

Quantum Physics · Physics 2022-01-25 Bart van der Vecht , Xavier Coiteux-Roy , Boris Skoric

Using the computational resources of an untrusted third party to crack a password hash can pose a high number of privacy and security risks. The act of revealing the hash digest could in itself negatively impact both the data subject who…

Cryptography and Security · Computer Science 2023-06-16 Norbert Tihanyi , Tamas Bisztray , Bertalan Borsos , Sebastien Raveau

Password managers are important tools that enable us to use stronger passwords, freeing us from the cognitive burden of remembering them. Despite this, there are still many users who do not fully trust password managers. In this paper, we…

Cryptography and Security · Computer Science 2021-06-22 Miguel Grilo , João F. Ferreira , José Bacelar Almeida

Password users frequently employ passwords that are too simple, or they just reuse passwords for multiple websites. A common complaint is that utilizing secure passwords is too difficult. One possible solution to this problem is to use a…

Cryptography and Security · Computer Science 2019-06-04 Elan Rosenfeld , Santosh Vempala , Manuel Blum

A fully homomorphic encryption system hides data from unauthorized parties, while still allowing them to perform computations on the encrypted data. Aside from the straightforward benefit of allowing users to delegate computations to a more…

Risk-based authentication (RBA) aims to protect users against attacks involving stolen passwords. RBA monitors features during login, and requests re-authentication when feature values widely differ from previously observed ones. It is…

Cryptography and Security · Computer Science 2022-11-11 Stephan Wiefling , Paul René Jørgensen , Sigurd Thunem , Luigi Lo Iacono

Entropically secure encryption is a way to encrypt a large plaintext with a small key and still have information-theoretic security, thus in a certain sense circumventing Shannon's result that perfect encryption requires the key to be at…

Quantum Physics · Physics 2025-07-01 Mehmet Huseyin Temel , Boris Skoric