English
Related papers

Related papers: Mitigating CSRF attacks on OAuth 2.0 and OpenID Co…

200 papers

With the rise of attacks on online accounts in the past years, more and more services offer two-factor authentication for their users. Having factors out of two of the three categories something you know, something you have and something…

Cryptography and Security · Computer Science 2022-07-07 Timon Hackenjos , Benedikt Wagner , Julian Herr , Jochen Rill , Marek Wehmer , Niklas Goerke , Ingmar Baumgart

Multi-Factor Authentication is intended to strengthen the security of password-based authentication by adding another factor, such as hardware tokens or one-time passwords using mobile apps. However, this increased authentication security…

Cryptography and Security · Computer Science 2023-09-20 Sabrina Amft , Sandra Höltervennhoff , Nicolas Huaman , Alexander Krause , Lucy Simko , Yasemin Acar , Sascha Fahl

Authentication with username and password is becoming an inconvenient process for the user. End users typically have little control over their personal privacy, and data breaches effecting millions of users have already happened several…

Distributed, Parallel, and Cluster Computing · Computer Science 2020-06-09 Zoltán András Lux , Dirk Thatmann , Sebastian Zickau , Felix Beierle

Smart card based authentication schemes are used in various fields like e-banking, e-commerce, wireless sensor networks, medical system and so on to authenticate the both remote user and the application server during the communication via…

Cryptography and Security · Computer Science 2015-02-18 Tanmoy Maitra

Cross-Site Request Forgery (CSRF) vulnerabilities are a severe class of web vulnerabilities that have received only marginal attention from the research and security testing communities. While much effort has been spent on countermeasures…

Cryptography and Security · Computer Science 2017-08-30 Giancarlo Pellegrino , Martin Johns , Simon Koch , Michael Backes , Christian Rossow

Recently, various side-channel attacks on widely used encryption methods have been discovered. Extensive research is currently undertaken to develop new types of combined encryption and authentication mechanisms. Developers of security…

Cryptography and Security · Computer Science 2007-05-23 Hans-Rudolf Thomann

Cloud-based services have become part of our day-to-day software solutions. The identity authentication process is considered to be the main gateway to these services. As such, these gates have become increasingly susceptible to aggressive…

Cryptography and Security · Computer Science 2017-11-27 Marwan Darwish , Abdelkader Ouda , Luiz Fernando Capretz

Online services have difficulties to replace passwords with more secure user authentication mechanisms, such as Two-Factor Authentication (2FA). This is partly due to the fact that users tend to reject such mechanisms in use cases outside…

Cryptography and Security · Computer Science 2023-03-23 Vincent Unsel , Stephan Wiefling , Nils Gruschka , Luigi Lo Iacono

Recently, authenticating users with the help of their friends (i.e., trustee-based social authentication) has been shown to be a promising backup authentication mechanism. A user in this system is associated with a few trustees that were…

Cryptography and Security · Computer Science 2016-11-18 Neil Zhenqiang Gong , Di Wang

Everyone is concerned about the Internet security, yet most traffic is not cryptographically protected. The usual justification is that most attackers are only off-path and cannot intercept traffic; hence, challenge-response mechanisms…

Cryptography and Security · Computer Science 2013-05-07 Yossi Gilad , Amir Herzberg , Haya Shulman

Web applications are becoming truly pervasive in all kinds of business models and organizations. Today, most critical systems such as those related to health care, banking, or even emergency response, are relying on these applications. They…

Cryptography and Security · Computer Science 2009-06-01 Joaquin Garcia-Alfaro , Guillermo Navarro-Arribas

WebGL is a browser feature that enables JavaScript-based control of the graphics processing unit (GPU) to render interactive 3D and 2D graphics, without the use of plug-ins. Exploiting WebGL for attacks will affect billions of users since…

Cryptography and Security · Computer Science 2019-05-01 Alex Belkin , Nethanel Gelernter , Israel Cidon

Credential stuffing attacks use stolen passwords to log into victim accounts. To defend against these attacks, recently deployed compromised credential checking (C3) services provide APIs that help users and companies check whether a…

Cryptography and Security · Computer Science 2022-03-25 Bijeeta Pal , Mazharul Islam , Marina Sanusi , Nick Sullivan , Luke Valenta , Tara Whalen , Christopher Wood , Thomas Ristenpart , Rahul Chattejee

Attackers increasingly, and with high success rates, use social engineering techniques to circumvent second factor authentication (2FA) technologies, compromise user accounts and sidestep fraud detection technologies. We introduce a social…

Cryptography and Security · Computer Science 2020-01-20 Markus Jakobsson

Nowadays, most online services offer different authentication methods that users can set up for multi-factor authentication but also as a recovery method. This configuration must be done thoroughly to prevent an adversary's access while…

Cryptography and Security · Computer Science 2024-03-25 Andre Büttner , Nils Gruschka

With web applications becoming a preferred method of presenting graphical user interfaces to users, software vulnerabilities affecting web applications are becoming more and more prevalent and devastating. Some of these vulnerabilities,…

Cryptography and Security · Computer Science 2019-08-14 Michael Flanders

The Internet of Things (IoT) has seen remarkable advancements in recent years, leading to a paradigm shift in the digital landscape. However, these technological strides have introduced new challenges, particularly in cybersecurity. IoT…

Cryptography and Security · Computer Science 2025-01-03 Nivedita Singh , Rajkumar Buyya , Hyoungshich Kim

The unprecedented proliferation of smart devices together with novel communication, computing, and control technologies have paved the way for the Advanced Internet of Things~(A-IoT). This development involves new categories of capable…

Networking and Internet Architecture · Computer Science 2024-10-30 Aleksandr Ometov , Vitaly Petrov , Sergey Bezzateev , Sergey Andreev , Yevgeni Koucheryavy , Mario Gerla

Radio Frequency Identification (RFID) systems are among the most widespread computing technologies with technical potential and profitable opportunities in numerous applications worldwide. Further, RFID is the core technology behind the…

Cryptography and Security · Computer Science 2021-10-04 Luciano Gavoni

We show how an off-path (spoofing-only) attacker can perform cross-site scripting (XSS), cross-site request forgery (CSRF) and site spoofing/defacement attacks, without requiring vulnerabilities in either web-browser or server and…

Cryptography and Security · Computer Science 2012-05-01 Yossi Gilad , Amir Herzberg