On secure and pseudonymous client-relationships with multiple servers
ACM Transactions on Information and System Security (TISSEC)
Cryptography: Theory and Practice
Cryptography: Theory and Practice
SPINS: security protocols for sensor networks
Wireless Networks
How to Make Personalized Web Browising Simple, Secure, and Anonymous
FC '97 Proceedings of the First International Conference on Financial Cryptography
Spam attacks: p2p to the rescue
Proceedings of the 13th international World Wide Web conference on Alternate track papers & posters
A PIN-entry method resilient against shoulder surfing
Proceedings of the 11th ACM conference on Computer and communications security
Design and evaluation of a shoulder-surfing resistant graphical password scheme
Proceedings of the working conference on Advanced visual interfaces
Stronger password authentication using browser extensions
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Security co-existence of wireless sensor networks and RFID for pervasive computing
Computer Communications
A lightweight secure protocol for wireless sensor networks
Computer Communications
Cryptanalysis of the convex hull click human identification protocol
ISC'10 Proceedings of the 13th international conference on Information security
A review of GENI authentication and access control mechanisms
International Journal of Security and Networks
Hi-index | 0.24 |
People enjoy the convenience of on-line services, Automated Teller Machines (ATMs), and pervasive computing, but online environments, ATMs, and pervasive computing may bring many risks. In this paper, we discuss how to prevent users' passwords from being stolen by adversaries. We propose a virtual password concept involving a small amount of human computing to secure users' passwords in on-line environments, ATMs, and pervasive computing. We adopt user-determined randomized linear generation functions to secure users' passwords based on the fact that a server has more information than any adversary does. We analyze how the proposed schemes defend against phishing, key logger, and shoulder-surfing attacks. To the best of our knowledge, our virtual password mechanism is the first one which is able to defend against all three attacks together.