English
Related papers

Related papers: Speranza: Usable, privacy-friendly software signin…

200 papers

Many software applications incorporate open-source third-party packages distributed by public package registries. Guaranteeing authorship along this supply chain is a challenge. Package maintainers can guarantee package authorship through…

Authentication with username and password is becoming an inconvenient process for the user. End users typically have little control over their personal privacy, and data breaches effecting millions of users have already happened several…

Distributed, Parallel, and Cluster Computing · Computer Science 2020-06-09 Zoltán András Lux , Dirk Thatmann , Sebastian Zickau , Felix Beierle

Cloud-based services have become part of our day-to-day software solutions. The identity authentication process is considered to be the main gateway to these services. As such, these gates have become increasingly susceptible to aggressive…

Cryptography and Security · Computer Science 2017-11-27 Marwan Darwish , Abdelkader Ouda , Luiz Fernando Capretz

Credential fraud is a widespread practice that undermines investment and confidence in higher education systems and bears significant economic and social costs. Legacy credential verification systems are typically time-consuming, costly,…

Cryptography and Security · Computer Science 2019-12-17 Aamna Tariq , Hina Binte Haq , Syed Taha Ali

Still to this day, academic credentials are primarily paper-based, and the process to verify the authenticity of such documents is costly, time-consuming, and prone to human error and fraud. Digitally signed documents facilitate a…

Cryptography and Security · Computer Science 2021-09-27 Rodrigo Q. Saramago , Leander Jehl , Hein Meling , Vero Estrada-Galiñanes

Certificate transparency (CT) is an elegant mechanism designed to detect when a certificate authority (CA) has issued a certificate incorrectly. Many CAs now support CT and it is being actively deployed in browsers. However, a number of…

Cryptography and Security · Computer Science 2017-08-08 Saba Eskandarian , Eran Messeri , Joseph Bonneau , Dan Boneh

Deauthentication is an important component of any authentication system. The widespread use of computing devices in daily life has underscored the need for zero-effort deauthentication schemes. However, the quest for eliminating user effort…

Cryptography and Security · Computer Science 2016-02-16 O. Huhta , P. Shrestha , S. Udar , M. Juuti , N. Saxena , N. Asokan

Software digital rights management is a pressing need for the software development industry which remains, as no practical solutions have been acclamaimed succesful by the industry. We introduce a novel software-protection method, fully…

Cryptography and Security · Computer Science 2010-06-14 Diego Bendersky , Ariel Futoransky , Luciano Notarfrancesco , Carlos Sarraute , Ariel Waissbein

Products certified under security certification frameworks such as Common Criteria undergo significant scrutiny during the costly certification process. Yet, critical vulnerabilities, including private key recovery (ROCA, Minerva,…

Cryptography and Security · Computer Science 2024-07-02 Adam Janovsky , Jan Jancar , Petr Svenda , Łukasz Chmielewski , Jiri Michalik , Vashek Matyas

Using cryptography to protect information and communication has bacically two major drawbacks. First, the specific entropy profile of encrypted data makes their detection very easy. Second, the use of cryptography can be more or less…

Cryptography and Security · Computer Science 2015-03-17 Eric Filiol

Software systems have grown as an indispensable commodity used across various industries, and almost all essential services depend on them for effective operation. The software is no longer an independent or stand-alone piece of code…

Software Engineering · Computer Science 2025-05-29 Ritwik Murali , Akash Ravi

Electronic documents are signed using private keys and verified using the corresponding digital certificates through the well-known public key infrastructure model. Private keys must be kept in a safe container so they can be reused. This…

Cryptography and Security · Computer Science 2024-08-02 Lucas Mayr , Gustavo Zambonin , Frederico Schardong , Ricardo Custódio

The prevalence of biometric authentication has been on the rise due to its ease of use and elimination of weak passwords. To date, most biometric authentication systems have been designed for on-device authentication of the device owner…

Cryptography and Security · Computer Science 2026-04-29 Alexander Bienstock , Daniel Escudero , Antigoni Polychroniadou , Zhen Zeng , Pranav Bhat , Ashok Singal , Prashant Sharma , Manuela Veloso

Anonymous credentials (ACs) are a crucial cryptographic tool for privacy-preserving authentication in decentralized networks, allowing holders to prove eligibility without revealing their identity. However, a major limitation of standard…

Cryptography and Security · Computer Science 2025-12-24 Bin Xie , Rui Song , Xuyuan Cai

On-demand authentication is critical for scalable quantum systems, yet current approaches require the signer to initiate communication, creating unnecessary overhead. We introduce a new method where the verifier can request authentication…

Quantum Physics · Physics 2025-12-08 Wusheng Wang , Masahito Hayashi

Risk-based authentication (RBA) aims to protect users against attacks involving stolen passwords. RBA monitors features during login, and requests re-authentication when feature values widely differ from previously observed ones. It is…

Cryptography and Security · Computer Science 2022-11-11 Stephan Wiefling , Paul René Jørgensen , Sigurd Thunem , Luigi Lo Iacono

Risk-based authentication (RBA) extends authentication mechanisms to make them more robust against account takeover attacks, such as those using stolen passwords. RBA is recommended by NIST and NCSC to strengthen password-based…

Cryptography and Security · Computer Science 2023-01-05 Stephan Wiefling , Jan Tolsdorf , Luigi Lo Iacono

In the UNIX/Linux environment the kernel can log every command process created by every user using process accounting. This data has many potential uses, including the investigation of security incidents. However, process accounting data is…

Cryptography and Security · Computer Science 2007-05-23 Katherine Luo , Yifan Li , Charis Ermopoulos , William Yurcik , Adam Slagell

Privacy and security are often intertwined. For example, identity theft is rampant because we have become accustomed to authentication by identification. To obtain some service, we provide enough information about our identity for an…

Cryptography and Security · Computer Science 2009-08-10 A. Damodaram , H. Jayasri

User authentication can rely on various factors (e.g., a password, a cryptographic key, biometric data) but should not reveal any secret or private information. This seemingly paradoxical feat can be achieved through zero-knowledge proofs.…

Cryptography and Security · Computer Science 2020-09-15 Laurent Chuat , Sarah Plocher , Adrian Perrig