English
Related papers

Related papers: True2F: Backdoor-resistant authentication tokens

200 papers

Despite being more secure and strongly promoted, two-factor (2FA) or multi-factor (MFA) schemes either fail to protect against recent phishing threats such as real-time MITM, controls/relay MITM, malicious browser extension-based phishing…

Cryptography and Security · Computer Science 2024-06-14 Sneha Shukla , Gaurav Varshney , Shreya Singh , Swati Goel

Fast Identity Online 2 (FIDO2), a modern authentication protocol, is gaining popularity as a default strong authentication mechanism. It has been recognized as a leading candidate to overcome limitations (e.g., it is phishing resistant) of…

Cryptography and Security · Computer Science 2023-09-14 Michal Kepkowski , Maciej Machulak , Ian Wood , Dali Kaafar

This paper address a new problem in RFID authentication research for the first time. That is, existing RFID authentication schemes generally assume that the backend server is absolutely secure, however, this assumption is rarely tenable in…

Cryptography and Security · Computer Science 2014-05-01 Wei Xie , Chen Zhang , Quan Zhang , Chaojing Tang

FIDO2 and the WebAuthn standard offer phishing-resistant, public-key based authentication but traditionally rely on device-bound cryptographic keys that are not naturally portable across user devices. Recent passkey deployments address this…

Cryptography and Security · Computer Science 2026-01-13 Kemal Bicakci , Fatih Mehmet Varli , Muhammet Emir Korkmaz , Yusuf Uzunay

The proliferation of sensitive information being stored online highlights the pressing need for secure and efficient user authentication methods. To address this issue, this paper presents a novel zero-effort two-factor authentication (2FA)…

Cryptography and Security · Computer Science 2023-03-07 Ali Abdullah S. AlQahtani , Thamraa Alshayeb

Considering computer systems, security is the major concern with usability. Security policies need to be developed to protect information from unauthorized access. Passwords and secrete codes used between users and information systems for…

Cryptography and Security · Computer Science 2014-02-27 Sharayu A. Aghav , RajneeshKaur Bedi

With the ongoing digitalisation of our everyday tasks, more and more eGovernment services make it possible for citizens to take care of their administrative obligations online. This type of services requires a certain assurance level for…

Computers and Society · Computer Science 2017-07-21 Daniel Träder , Alexander Zeier , Andreas Heinemann

Authentication schemes are practised globally to verify the legitimacy of users and servers for the exchange of data in different facilities. Generally, the server verifies a user to provide resources for different purposes. But due to the…

Cryptography and Security · Computer Science 2020-04-22 Trupil Limbasiya , Sanjay K. Sahay

Previous Web access authentication systems often use either the Web or the Mobile channel individually to confirm the claimed identity of the remote user. This paper proposes a new protocol using multifactor authentication system that is…

Cryptography and Security · Computer Science 2011-11-15 Ayu Tiwari , Sudip Sanyal , Ajith Abraham , Svein Johan Knapskog , Sugata Sanyal

Provisioning is the starting point of the whole life-cycle of IoT devices. The traditional provisioning methods of IoT devices are facing several issues, either about user experience or privacy harvesting. Moreover, IoT devices are…

Cryptography and Security · Computer Science 2019-06-17 Wang Kang

Biometric authentication systems pose privacy risks, as leaked templates such as iris or fingerprints can lead to security breaches. Fully Homomorphic Encryption (FHE) enables secure encrypted evaluation, but its deployment is hindered by…

Cryptography and Security · Computer Science 2025-06-17 Joon Soo Yoo , Tae Min Ahn , Ji Won Yoon

Two-factor authentication protects online accounts even if passwords are leaked. Most users, however, prefer password-only authentication. One reason why two-factor authentication is so unpopular is the extra steps that the user must…

Cryptography and Security · Computer Science 2015-08-04 Nikolaos Karapanos , Claudio Marforio , Claudio Soriente , Srdjan Capkun

Biometric authentication is one of the promising alternatives to standard password-based authentication offering better usability and security. In this work, we revisit the biometric authentication based on "fuzzy signatures" introduced by…

Cryptography and Security · Computer Science 2021-12-17 Shuichi Katsumata , Takahiro Matsuda , Wataru Nakamura , Kazuma Ohara , Kenta Takahashi

With the recent rise of cryptocurrencies' popularity, the security and management of crypto-tokens have become critical. We have witnessed many attacks on users and providers, which have resulted in significant financial losses. To remedy…

Cryptography and Security · Computer Science 2023-12-04 Ivan Homoliak , Dominik Breitenbacher , Ondrej Hujnak , Pieter Hartel , Alexander Binder , Pawel Szalachowski

Approximately 61% of cyber attacks involve adversaries in possession of valid credentials. Attackers acquire credentials through various means, including phishing, dark web data drops, password reuse, etc. Multi-factor authentication (MFA)…

Cryptography and Security · Computer Science 2024-08-31 Sam Hays , Michael Sandborn , Jules White

The majority of current web authentication is built on username/password. Unfortunately, password replacement offers more security, but it is difficult to use and expensive to deploy. In this paper, we propose a new mutual authentication…

Cryptography and Security · Computer Science 2014-12-10 Yassine Sadqi , Ahmed Asimi , Younes Asimi

End-to-end encryption (E2EE) has emerged as a fundamental element of modern digital communication, protecting data from unauthorized access during transmission. By design, E2EE ensures that only the intended recipient can decrypt the…

Cryptography and Security · Computer Science 2025-09-15 Hamish Alsop , Leandros Maglaras , Helge Janicke , Iqbal H. Sarker , Mohamed Amine Ferrag

With the recent proliferation of distributed systems and networking, remote authentication has become a crucial task in many networking applications. Various schemes have been proposed so far for the two-party remote authentication;…

Cryptography and Security · Computer Science 2015-05-13 Al-Sakib Khan Pathan , Choong Seon Hong

This paper analyses the various authentication systems implemented for enhanced security and private re-position of an individual's log-in credentials. The first part of the paper describes the multi-factor authentication (MFA) systems,…

Cryptography and Security · Computer Science 2015-02-04 Tuhin Borgohain , Amardeep Borgohain , Uday Kumar , Sugata Sanyal

Credential compromise is hard to detect and hard to mitigate. To address this problem, we present larch, an accountable authentication framework with strong security and privacy properties. Larch protects user privacy while ensuring that…

Cryptography and Security · Computer Science 2024-09-24 Emma Dauterman , Danny Lin , Henry Corrigan-Gibbs , David Mazières