Related papers: A Secure and Improved Multi Server Authentication …
The piggy bank idea allows one-way encryption of information that can be accessed only by authorized parties. Here we show how the piggy bank idea can be used to authenticate parties to counter man-in-the-middle (MIM) attack that can…
Aggregate signatures allow anyone to combine different signatures signed by different signers on different messages into a single short signature. An ideal aggregate signature scheme is an identity-based aggregate signature (IBAS) scheme…
With the increasing number of connected devices and complex networks involved, current domain-specific security techniques become inadequate for diverse large-scale Internet of Things (IoT) systems applications. While cross-domain…
Attacks targeting several millions of non-internet based application users are on the rise. These applications such as SMS and USSD typically do not benefit from existing multi-factor authentication methods due to the nature of their…
There are around 5.3 billion Internet users, amounting to 65.7% of the global population, and web technology is the backbone of the services delivered via the Internet. To ensure web applications are free from security-related bugs, web…
Risk-based authentication (RBA) aims to protect users against attacks involving stolen passwords. RBA monitors features during login, and requests re-authentication when feature values widely differ from previously observed ones. It is…
As researchers, we already understand how to make testing more effective and efficient at finding bugs. However, as fuzzing (i.e., automated testing) becomes more widely adopted in practice, practitioners are asking: Which assurances does a…
Identity-based code signing enables software developers to digitally sign their code using cryptographic keys. This key is then linked to an identity (e.g., through an identity provider), allowing signers to verify both the code's origin…
With the rise of artificial intelligence and machine learning, a new wave of private information is being flushed into applications. This development raises privacy concerns, as private datasets can be stolen or abused for non-authorized…
Phishing attacks represent an increasingly sophisticated and pervasive threat to individuals and organizations, causing significant financial losses, identity theft, and severe damage to institutional reputations. Existing phishing…
This study leverages the data representation capability of fuzzy based membership-mappings for practical secure distributed deep learning using fully homomorphic encryption. The impracticality issue of secure machine (deep) learning with…
Blockchain brings various advantages to online transactions. However, the total transparency of these transactions may leakage users' sensitive information. Requirements on both cooperation and anonymity for companies/organizations become…
Federated learning is a collaborative method that aims to preserve data privacy while creating AI models. Current approaches to federated learning tend to rely heavily on secure aggregation protocols to preserve data privacy. However, to…
Risk-based Authentication (RBA) is an adaptive security measure that improves the security of password-based authentication by protecting against credential stuffing, password guessing, or phishing attacks. RBA monitors extra features…
Vulnerability Discovery with attack Injection security threats are increasing for the server software, when software is developed, the software tested for the functionality. Due to unawareness of software vulnerabilities most of the…
In recent times, a necessity has been raised in order to distribute computing applications often across grids. These applications are dependent on the services like data transfer or data portal services as well as submission of jobs.…
As a case study in cryptographic binding, we present a formal-methods analysis of the cryptographic channel binding mechanisms in the Fast IDentity Online (FIDO) Universal Authentication Framework (UAF) authentication protocol, which seeks…
Testing network protocol implementations is critical for ensuring the reliability, security, and interoperability of distributed systems. Faults in protocol behavior can lead to vulnerabilities and system failures, especially in real-time…
A user who does not have a quantum computer but wants to perform quantum computations may delegate his computation to a quantum cloud server. In order that the delegation works, it must be assured that no evil server can obtain any…
Arbitrated quantum signatures (AQS), for signing quantum message, have been proposed. It was claimed that the AQS schemes could guarantee unconditional security. However, in this paper, we show that all the presented AQS protocols are…