English
Related papers

Related papers: Reverse Online Guessing Attacks on PAKE Protocols

200 papers

A partial password is a mode of password-based authentication that is widely used, especially in the financial sector. It is based on a challenge-response protocol, where at each login attempt, a challenge requesting characters from…

Cryptography and Security · Computer Science 2017-01-03 Theodosis Mourouzis , Marcin Wojcik , Nikos Komninos

Today, offline attacks are one of the most severe threats to password security. These attacks have claimed millions of passwords from prominent websites including Yahoo, LinkedIn, Twitter, Sony, Adobe and many more. Therefore, as a…

Cryptography and Security · Computer Science 2020-09-15 Harshal Tupsamudre , Sachin Lodha

Spear Phishing is a type of cyber-attack where the attacker sends hyperlinks through email on well-researched targets. The objective is to obtain sensitive information by imitating oneself as a trustworthy website. In recent times, deep…

Cryptography and Security · Computer Science 2022-11-17 Sharif Amit Kamran , Shamik Sengupta , Alireza Tavakkoli

In the classical setting, public-key encryption requires randomness in order to be secure against a forward search attack, whereby an adversary compares the encryption of a guess of the secret message with that of the actual secret message.…

Quantum Physics · Physics 2009-05-05 Georgios M. Nikolopoulos , Lawrence M. Ioannou

We present a framework by which websites can coordinate to make it difficult for users to set similar passwords at these websites, in an effort to break the culture of password reuse on the web today. Though the design of such a framework…

Cryptography and Security · Computer Science 2021-03-05 Ke Coby Wang , Michael K. Reiter

The verification of security protocols is essential, in order to ensure the absence of potential attacks. However, verification results are only valid with respect to the assumptions under which the verification was performed. These…

Logic in Computer Science · Computer Science 2024-11-12 Nisansala P. Yatapanage , Cliff B. Jones

Passwords are undoubtedly the most dominant user authentication mechanism on the web today. Although they are inexpensive and easy-to-use, security concerns of password-based authentication are serious. Phishing and theft of password…

Cryptography and Security · Computer Science 2018-04-24 Klaudia Krawiecka , Arseny Kurnikov , Andrew Paverd , Mohammad Mannan , N. Asokan

Data privacy and authentication are two main security requirements for remote access and cloud services. While QKD has been explored to address data privacy concerns, oftentimes its use is separate from the client authentication protocol…

Leveraging quantum mechanics, cryptographers have devised provably secure key sharing protocols. Despite proving the security in theory, real-world application falls short of the ideal. Last year, cryptanalysts completed an experiment…

Cryptography and Security · Computer Science 2011-12-13 Travis Denny

Phishing is the combination of social engineering and technical exploits designed to convince a victim to provide personal information, usually for the monetary gain of the attacker. Phishing has become the most popular practice among the…

Cryptography and Security · Computer Science 2011-10-04 Aanchal Jain , Vineet Richariya

User authentication can rely on various factors (e.g., a password, a cryptographic key, biometric data) but should not reveal any secret or private information. This seemingly paradoxical feat can be achieved through zero-knowledge proofs.…

Cryptography and Security · Computer Science 2020-09-15 Laurent Chuat , Sarah Plocher , Adrian Perrig

The rapid development of information and network technologies motivates the emergence of various new computing paradigms, such as distributed computing, and edge computing. This also enables more and more network enterprises to provide…

Cryptography and Security · Computer Science 2021-02-01 Jinyong Chen , Reiner Dojen , Anca Jurcut

Key substitution vulnerable signature schemes are signature schemes that permit an intruder, given a public verification key and a signed message, to compute a pair of signature and verification keys such that the message appears to be…

Cryptography and Security · Computer Science 2007-10-31 Yannick Chevalier , Mounira Kourjieh

Over recent years, the Resource Public Key Infrastructure (RPKI) has seen increasing adoption, with now 37.8% of the major networks filtering bogus BGP routes. Systems interact with the RPKI over Relying Party (RP) implementations that…

Cryptography and Security · Computer Science 2023-12-05 Donika Mirdita , Haya Schulmann , Niklas Vogel , Michael Waidner

Large-scale online password guessing attacks are wide-spread and continuously qualified as one of the top cyber-security risks. The common method for mitigating the risk of online cracking is to lock out the user after a fixed number ($K$)…

Cryptography and Security · Computer Science 2020-05-20 Jeremiah Blocki , Wuwei Zhang

This work explores injection attacks against password managers. In this setting, the adversary (only) controls their own application client, which they use to "inject" chosen payloads to a victim's client via, for example, sharing…

Cryptography and Security · Computer Science 2024-08-14 Andrés Fábrega , Armin Namavari , Rachit Agarwal , Ben Nassi , Thomas Ristenpart

Modern authentication systems store hashed values of passwords of users using cryptographic hash functions. Therefore, to crack a password an attacker needs to guess a hash function input that is mapped to the hashed value, as opposed to…

Cryptography and Security · Computer Science 2019-11-28 Yair Yona , Suhas Diggavi

Leaked passwords from data breaches can pose a serious threat to users if the password is reused elsewhere. With more online services getting breached today, there is still a lack of large-scale quantitative understanding of the risks of…

Cryptography and Security · Computer Science 2017-06-09 Chun Wang , Steve T. K. Jan , Hang Hu , Gang Wang

Password guessers are instrumental for assessing the strength of passwords. Despite their diversity and abundance, little is known about how different guessers compare to each other. We perform in-depth analyses and comparisons of the…

Cryptography and Security · Computer Science 2021-02-23 Zach Parish , Connor Cushing , Shourya Aggarwal , Amirali Salehi-Abari , Julie Thorpe

We propose a quantum authentication protocol that is robust against the theft of secret keys. In the protocol, disposable quantum passwords prevent impersonation attacks with stolen secret keys. The protocol also prevents the leakage of…

Quantum Physics · Physics 2008-06-09 Masahiro Hotta , Masanao Ozawa