Units Researchers Search

New user? Click here to register.Have you forgotten your password?

Home
Master Records
Researchers
İşler, Devriş

Researcher:
İşler, Devriş

Loading...

Job Title

Master Student

First Name

Devriş

Last Name

İşler

Name

Name Variants

İşler, Devriş

Email Address

Birth Date

Publications
Projects
Org Units
Theses Advised

1 results

Filters

1 search.filters.subject.Computer science

Start

End

1 search.filters.itemtype.Conference proceeding

1 search.filters.indexed.Scopus

1 search.filters.indexed.WoS

1 search.filters.department.Department of Computer Engineering

1 search.filters.department.N/A

1 search.filters.sponsors.EU

1 search.filters.sponsors.TÜBİTAK

Advanced Search

Filter by

Filters Operators

Search Title

Settings

Sort By

Results per page

Researcher Of Publications: search.filters.isAuthorOfPublication.38456f04-b659-4cc3-9752-b7fa9133c1f8×

Search Results

Now showing 1 - 1 of 1

Metadata only
Threshold single password authentication
(Springer International Publishing Ag, 2017) N/A; N/A; Department of Computer Engineering; İşler, Devriş; Küpçü, Alptekin; Master Student; Faculty Member; Department of Computer Engineering; Graduate School of Sciences and Engineering; College of Engineering; N/A; 168060
Passwords are the most widely used form of online user authentication. In a traditional setup, the user, who has a human-memorable low entropy password, wants to authenticate with a login server. Unfortunately, existing solutions in this setting are either non-portable or insecure against many attacks, including phishing, man-in-the-middle, honeypot, and offline dictionary attacks. Three previous studies (Acar et al. 2013, Bicakci et al. 2011, and Jarecki et al. 2016) provide solutions secure against offline dictionary attacks by additionally employing a storage provider (either a cloud storage or a mobile device for portability). These works provide solutions where offline dictionary attacks are impossible as long as the adversary does not corrupt both the login server and the storage provider. For the first time, improving these previous works, we provide a more secure generalized solution employing multiple storage providers, where our solution is proven secure against offline dictionary attacks as long as the adversary does not corrupt the login server and threshold-many storage providers. We define ideal and real world indistinguishability for threshold single password authentication (Threshold SPA) schemes, and formally prove security of our solution via ideal-real simulation. Our solution provides security against all the above-mentioned attacks, including phishing, man-in-the-middle, honeypot, and offline dictionary attacks, and requires no change on the server side. Thus, our solution can immediately be deployed via a browser extension (or a mobile application) and support from some storage providers. We further argue that our protocol is efficient and scalable, and provide performance numbers where the user and storage load are only a few milliseconds.

Research

Faculty Member Profile
Research News and Announcements
Research Centers and Labs
Sponsored Research Projects
Library
Open Access

KU Web

KU
VPRI
Ethics Committee
Awards and Accreditation

KU on Social Media

Facebook
Instagram
Twitter
YouTube
LinkedIn

KU Mobile App

Contact

openaccess@ku.edu.tr

© 2024 KOÇ University

The Research Hub Built with DSpace | Lyrasis