Human factors in security research: Lessons learned from 2008-2018
Instead of only considering technology, computer security research now strives to also take
into account the human factor by studying regular users and, to a lesser extent, experts like …
into account the human factor by studying regular users and, to a lesser extent, experts like …
" Get in Researchers; We're Measuring Reproducibility": A Reproducibility Study of Machine Learning Papers in Tier 1 Security Conferences
D Olszewski, A Lu, C Stillman, K Warren… - Proceedings of the …, 2023 - dl.acm.org
Reproducibility is crucial to the advancement of science; it strengthens confidence in
seemingly contradictory results and expands the boundaries of known discoveries …
seemingly contradictory results and expands the boundaries of known discoveries …
[PDF][PDF] A comprehensive review of honey encryption scheme
We present a comprehensive survey of the Honey Encryption (HE) scheme. Honey
Encryption is an encryption scheme that provides resilience against brute-force attack by …
Encryption is an encryption scheme that provides resilience against brute-force attack by …
Generalized fuzzy password-authenticated key exchange from error correcting codes
Abstract Fuzzy Password-Authenticated Key Exchange (fuzzy PAKE) allows cryptographic
keys to be generated from authentication data that is both fuzzy and of low entropy. The …
keys to be generated from authentication data that is both fuzzy and of low entropy. The …
Might I get pwned: A second generation compromised credential checking service
Credential stuffing attacks use stolen passwords to log into victim accounts. To defend
against these attacks, recently deployed compromised credential checking (C3) services …
against these attacks, recently deployed compromised credential checking (C3) services …
ttPAKE: Typo tolerance password-authenticated key exchange
Y Han, C Xu, S Li, C Jiang, K Chen - Journal of Information Security and …, 2023 - Elsevier
Error tolerant password-authenticated key exchange (PAKE) allows a user to authenticate to
a server using a password and agree on a session key with the server, provided that the …
a server using a password and agree on a session key with the server, provided that the …
Don't forget the stuffing! revisiting the security impact of typo-tolerant password authentication
To enhance the usability of password authentication, typo-tolerant password authentication
schemes permit certain deviations in the user-supplied password, to account for common …
schemes permit certain deviations in the user-supplied password, to account for common …
Please do not use!? _ or your license plate number: Analyzing password policies in german companies
Password composition policies (PCPs) set rules that are intended to increase the security of
user-chosen passwords. We conducted an online survey and investigated the employee …
user-chosen passwords. We conducted an online survey and investigated the employee …
Fuzzy asymmetric password-authenticated key exchange
Abstract Password-Authenticated Key Exchange (PAKE) lets users with passwords
exchange a cryptographic key. There have been two variants of PAKE which make it more …
exchange a cryptographic key. There have been two variants of PAKE which make it more …
Killing the password and preserving privacy with device-centric and attribute-based authentication
K Papadamou, S Zannettou, B Chifor… - IEEE Transactions …, 2019 - ieeexplore.ieee.org
Current authentication methods on the Web have serious weaknesses. First, services
heavily rely on the traditional password paradigm, which diminishes the end-users' security …
heavily rely on the traditional password paradigm, which diminishes the end-users' security …