Citation: | LIU Dong, CHEN Jing, DU Ruiying, et al., “Enhancing Security of the Reduced-Operation Two-Factor Authentication by Using Ambient WiFi,” Chinese Journal of Electronics, vol. 27, no. 3, pp. 625-633, 2018, doi: 10.1049/cje.2018.03.004 |
A. Czeskis, M. Dietz, D. Wallach, et al., "Strengthening user authentication through opportunistic cryptographic identity assertions", Proc. of the 2012 ACM conference on Computer and communications, Raleigh, NC, USA, 2012.
|
Nikolaos Karapanos, Claudio Marforio, Claudio Soriente, et al., "Sound-proof:Usable two-factor authentication based on ambient sound", Proc. of USENIX Security Symposium, Washington D.C, USA, 2015.
|
B. Ur, S.M. Segreti, L. Bauer, N. Christin, et al., "Real-world accuracies and biases in modeling password", Proc. of USENIX Security Symposium, Washington D.C., USA, 2015.
|
D. Wang, Z. Zhang, P. Wang, et al., "Targeted online password guessing:an underestimated threat", Proc. of the 23rd ACM Conference on Computer and Communications Security (CCS16), Vienna, Austria, pp.1-13, 2012.
|
W. Melicher, B. Ur, S. Segreti, et al., " Fast, lean and accurate:Modeling password guessability using neural networks", Proc. of USENIX Security Symposium, Austin, TX, USA, pp.1-17, 2016.
|
Mike Kelly, "eHarmony password dump analysis", htps://www.trustwave.com/Resources/SpiderLabs-Blog/eHarmonyPassword-Dump-Analysis, 2012-6-25.
|
D. Florêncio, et al., "An administrator's guide to Internet password research", Proc. of the 28th USENIX Conference on Large Installation System Administration, Seattle, WA, USA, pp.35-52, 2014.
|
G. Zhang, D. Fan, Y. Zhang, et al., "A provably secure general construction for key exchange protocols using smart card and password", Chinese Journal of Electronics, Vol.26, No.2, pp.271-278, 2017.
|
A. DAS, J. BONNEAU, M. CAESAR, et al., "The tangled web of password reuse", Proc. of Network and Distributed System Security Symposium, 2014.
|
I. Fette and A. Melnikov, "The WebSocket protocol (RFC 6455)", http://tools.ietf.org/html/rfc6455, 2011.
|
M. Georgiev, S. Iyengar, S. Jana, et al., "The most dangerous code in the world:Validating SSL certificates in non-browser software", Proc. of the 2012 ACM conference on Computer and communications, Raleigh, NC, USA, 2012.
|
S. Fahl, M. Harbach, T. Muders, et al., "Why eve and mallory love android:An analysis of android SSL (In) security", Proc. of the 2012 ACM conference on Computer and communications, Raleigh, NC, USA, 2012.
|
D. Sounthiraraj, J. Sahs, G. Greenwood, et al., "Smv-hunter:Large scale, automated detection of ssl/tls man-in-the-middle vulnerabilities in Android apps", Proc. of Network and Distributed System Security, San Diego, California, USA, 2014.
|
S. Hallsteinsen, I. Jorstad and D-V. Thanh, "Using the mobile phone as a security token for unified authentication", Proc. of International Conference on Systems and Networks Communications, pp.425-434, 2005.
|
B. Reaves, N. Scaife, D. Tian, et al., "Sending out an SMS:Characterizing the security of the SMS ecosystem with public gateways", Proc. of IEEE Symp. Secur. Privacy (SP), San Jose, CA, USA, pp.339-356, 2016.
|
M. Shirvanian, S. Jarecki, N. Saxena, et al., " Two-factor authentication resilient to server compromise using mixbandwidth devices", Proc. of Network and Distributed System Security, San Diego, California, USA, 2014.
|
A. Juels and M. Sudan, "A fuzzy vault scheme", Designs Codes & Cryptography, Vol.38, No.2, pp.237-257, 2006.
|
Krumm, John, and K. Hinckley, " The NearMe wireless proximity server", Proc. of Ubiquitous Computing, International Conference, Nottingham, UK, 2004.
|
A. Varshavsky, A. Scannell, A. LaMarca, et al., "Proximitybased authentication of mobile devices", International Journal of Security & Networks, Vol.4, No.1/2, pp.4-16, 2009.
|
M. Shirvanian, S. Jarecki, N. Saxena, et al., "Comparing and fusing different sensor modalities for relay attack resistance in zero-interaction authentication", Proc. of IEEE International Conference on Pervasive Computing and Communications, Budapest, Hungary, pp.163-171, 2014.
|
U. Uludag, S. Pankanti and A. Jain, "Fuzzy vault for fingerprints", International Conference on Audio-and Video-Based Biometric Person Authentication, New York, USA, pp.310-319, 2005.
|
K. Nandakumar, A. Jain and S. Pankanti, "Fingerprint-based fuzzy vault:Implementation and performance", IEEE Transactions on Information Forensics and Security, Vol.2, No.4, pp.744-757, 2007.
|
V. Brindha, K. Deepikapriya and R. Dhivya, "Biometric template security using fuzzy vault", Proc. of International Symposium on Consumer Electronics, pp.384-387, 2011.
|
Y. Xie, H. Wen, B. Wu, et al., "A modified hierarchical attribute-based encryption access control method for mobile cloud computing", The IEEE Transactions on Cloud Computing, Vol.13, No.9, pp.1-9, 2015.
|