English
Related papers

Related papers: Technical Report on a Virtual CTAP2 WebAuthn Authe…

200 papers

Passwords are a fragile, inadequate, and insecure tool for authenticating users, and are especially fraught with problems when used to secure access to network resources and services. In many cases, passwords provide a false sense of…

Cryptography and Security · Computer Science 2012-09-06 Travis Z. Suel

The majority of current web authentication is built on username/password. Unfortunately, password replacement offers more security, but it is difficult to use and expensive to deploy. In this paper, we propose a new mutual authentication…

Cryptography and Security · Computer Science 2014-12-10 Yassine Sadqi , Ahmed Asimi , Younes Asimi

We propose a method for using Web Authentication APIs for SSH authentication, enabling passwordless remote server login with passkeys. These are credentials that are managed throughout the key lifecycle by an authenticator on behalf of the…

Cryptography and Security · Computer Science 2025-07-15 Moe Kayali , Jonas Schmitt , Franziska Roesner

Credential theft and remote attacks are the most serious threats to user authentication mechanisms. The crux of these problems is that we cannot control such behaviors. However, if a password does not contain user secrets, stealing it is…

Cryptography and Security · Computer Science 2024-06-03 Suyun Borjigin

With the rise of sophisticated authentication bypass techniques, passwords are no longer considered a reliable method for securing authentication systems. In recent years, new authentication technologies have shifted from traditional…

Cryptography and Security · Computer Science 2025-08-19 Lien Tran , Boyuan Zhang , Ratchanon Pawanja , Rashid Hussain Khokhar

We present True2F, a system for second-factor authentication that provides the benefits of conventional authentication tokens in the face of phishing and software compromise, while also providing strong protection against token faults and…

Cryptography and Security · Computer Science 2019-08-13 Emma Dauterman , Henry Corrigan-Gibbs , David Mazières , Dan Boneh , Dominic Rizzo

Authentication is the first step toward establishing a service provider and customer (C-P) association. In a mobile network environment, a lightweight and secure authentication protocol is one of the most significant factors to enhance the…

Cryptography and Security · Computer Science 2019-07-29 Muhammad Bilal , Shin-Gak Kang

Operating system and browser support that comes with the FIDO2 standard and the biometric user verification options increasingly available on smart phones has excited everyone, especially big tech companies, about the passwordless future.…

Cryptography and Security · Computer Science 2022-11-15 Kemal Bicakci , Yusuf Uzunay

Protecting personal computers (PCs) from unauthorized access typically relies on password authentication, which is know to suffer from cognitive burden and weak credentials. As many users nowadays carry mobile devices with advanced security…

Human-Computer Interaction · Computer Science 2025-07-15 Andreas Pramendorfer , Rainhard Dieter Findling

Metaverse in general holds a potential future for cyberspace. At the beginning of Web 2.0, it was witnessed that people were signing in with various pseudonyms or 'nyms', risking their online identities by increasing presence of fake…

Cryptography and Security · Computer Science 2023-01-06 Sibi Chakkaravarthy Sethuraman , Aditya Mitra , Anisha Ghosh , Gautam Galada , Anitha Subramanian

The majority of systems rely on user authentication on passwords, but passwords have so many weaknesses and widespread use that easily raise significant security concerns, regardless of their encrypted form. Users hold the same password for…

Cryptography and Security · Computer Science 2021-01-22 Vassilis Papaspirou , Leandros Maglaras , Mohamed Amine Ferrag , Ioanna Kantzavelou , Helge Janicke , Christos Douligeris

With the advent of cloud computing and the Internet, the commercialized website becomes capable of providing more web services, such as software as a service (SaaS) or function as a service (FaaS), for great user experiences. Undoubtedly,…

Cryptography and Security · Computer Science 2022-09-27 Gordon King , Hans Wang

In a scenario where hotspot wireless networks are increasingly being used, and given the amount of sensitive information exchanged on Internet interactions, there is the need to implement security mechanisms that guarantee data…

Networking and Internet Architecture · Computer Science 2022-05-30 Nuno Marques , André Zúquete , João Paulo Barraca

Modern smartphones support FIDO2 passwordless authentication using either external security keys or internal biometric authentication, but it is unclear whether users appreciate and accept these new forms of web authentication for their own…

Cryptography and Security · Computer Science 2023-04-21 Leon Würsching , Florentin Putz , Steffen Haesler , Matthias Hollick

OAuth 2.0 is the industry-standard protocol for authorization. It facilitates secure service provisioning, as well as secure interoperability among diverse stakeholders. All OAuth 2.0 protocol flows result in the creation of an access…

Cryptography and Security · Computer Science 2020-01-29 Nikos Fotiou , Iakovos Pittaras , Vasilios A. Siris , Spyros Voulgaris , George C. Polyzos

To keep a system secure, all devices in the system need to be benign. To avoid malicious and/or compromised devices, network access control such as authentication using a credential and remote attestation based on trusted hardware has been…

Cryptography and Security · Computer Science 2020-08-24 Takayuki Sasaki , Yusuke Shimada

FIDO2 and the WebAuthn standard offer phishing-resistant, public-key based authentication but traditionally rely on device-bound cryptographic keys that are not naturally portable across user devices. Recent passkey deployments address this…

Cryptography and Security · Computer Science 2026-01-13 Kemal Bicakci , Fatih Mehmet Varli , Muhammet Emir Korkmaz , Yusuf Uzunay

The emergence of mobile applications to execute sensitive operations has brought a myriad of security threats to both enterprises and users. In order to benefit from the large potential in smartphones there is a need to manage the risks…

Cryptography and Security · Computer Science 2016-06-10 Ahmad-Atamli Reineh , Giuseppe Petracca , Janne Uusilehto , Andrew Martin

Previous Web access authentication systems often use either the Web or the Mobile channel individually to confirm the claimed identity of the remote user. This paper proposes a new protocol using multifactor authentication system that is…

Cryptography and Security · Computer Science 2011-11-15 Ayu Tiwari , Sudip Sanyal , Ajith Abraham , Svein Johan Knapskog , Sugata Sanyal

Electronic Identification (eID) is becoming commonplace in several European countries. eID is typically used to authenticate to government e-services, but is also used for other services, such as public transit, e-banking, and physical…

Cryptography and Security · Computer Science 2014-09-10 Thomas Nyman , Jan-Erik Ekberg , N. Asokan
‹ Prev 1 2 3 10 Next ›