{"id":"https://openalex.org/W4297094462","doi":"https://doi.org/10.1109/tifs.2022.3209886","title":"A Secure Two-Factor Authentication Scheme From Password-Protected Hardware Tokens","display_name":"A Secure Two-Factor Authentication Scheme From Password-Protected Hardware Tokens","publication_year":2022,"publication_date":"2022-01-01","ids":{"openalex":"https://openalex.org/W4297094462","doi":"https://doi.org/10.1109/tifs.2022.3209886"},"language":"en","primary_location":{"id":"doi:10.1109/tifs.2022.3209886","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2022.3209886","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100371477","display_name":"Shanshan Li","orcid":"https://orcid.org/0000-0002-2120-4278"},"institutions":[{"id":"https://openalex.org/I150229711","display_name":"University of Electronic Science and Technology of China","ror":"https://ror.org/04qr3zq92","country_code":"CN","type":"education","lineage":["https://openalex.org/I150229711"]},{"id":"https://openalex.org/I3018263800","display_name":"Huzhou University","ror":"https://ror.org/04mvpxy20","country_code":"CN","type":"education","lineage":["https://openalex.org/I3018263800"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Shanshan Li","raw_affiliation_strings":["School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China","Yangtze Delta Region Institute (Huzhou), University of Electronic Science and Technology of China, Huzhou, China"],"raw_orcid":"https://orcid.org/0000-0002-2120-4278","affiliations":[{"raw_affiliation_string":"School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China","institution_ids":["https://openalex.org/I150229711"]},{"raw_affiliation_string":"Yangtze Delta Region Institute (Huzhou), University of Electronic Science and Technology of China, Huzhou, China","institution_ids":["https://openalex.org/I3018263800"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064473849","display_name":"Chunxiang Xu","orcid":"https://orcid.org/0000-0002-5411-7621"},"institutions":[{"id":"https://openalex.org/I150229711","display_name":"University of Electronic Science and Technology of China","ror":"https://ror.org/04qr3zq92","country_code":"CN","type":"education","lineage":["https://openalex.org/I150229711"]},{"id":"https://openalex.org/I3018263800","display_name":"Huzhou University","ror":"https://ror.org/04mvpxy20","country_code":"CN","type":"education","lineage":["https://openalex.org/I3018263800"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chunxiang Xu","raw_affiliation_strings":["School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China","Yangtze Delta Region Institute (Huzhou), University of Electronic Science and Technology of China, Huzhou, China"],"raw_orcid":"https://orcid.org/0000-0002-5411-7621","affiliations":[{"raw_affiliation_string":"School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China","institution_ids":["https://openalex.org/I150229711"]},{"raw_affiliation_string":"Yangtze Delta Region Institute (Huzhou), University of Electronic Science and Technology of China, Huzhou, China","institution_ids":["https://openalex.org/I3018263800"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5029752627","display_name":"Yuan Zhang","orcid":null},"institutions":[{"id":"https://openalex.org/I150229711","display_name":"University of Electronic Science and Technology of China","ror":"https://ror.org/04qr3zq92","country_code":"CN","type":"education","lineage":["https://openalex.org/I150229711"]},{"id":"https://openalex.org/I3018263800","display_name":"Huzhou University","ror":"https://ror.org/04mvpxy20","country_code":"CN","type":"education","lineage":["https://openalex.org/I3018263800"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yuan Zhang","raw_affiliation_strings":["School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China","Yangtze Delta Region Institute (Huzhou), University of Electronic Science and Technology of China, Huzhou, China"],"raw_orcid":"https://orcid.org/0000-0002-7909-9845","affiliations":[{"raw_affiliation_string":"School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China","institution_ids":["https://openalex.org/I150229711"]},{"raw_affiliation_string":"Yangtze Delta Region Institute (Huzhou), University of Electronic Science and Technology of China, Huzhou, China","institution_ids":["https://openalex.org/I3018263800"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5008266220","display_name":"Jianying Zhou","orcid":"https://orcid.org/0000-0003-0594-0432"},"institutions":[{"id":"https://openalex.org/I152815399","display_name":"Singapore University of Technology and Design","ror":"https://ror.org/05j6fvn87","country_code":"SG","type":"education","lineage":["https://openalex.org/I152815399"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Jianying Zhou","raw_affiliation_strings":["Centre for Research in Cyber Security, Singapore University of Technology and Design, Tampines, Singapore"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Centre for Research in Cyber Security, Singapore University of Technology and Design, Tampines, Singapore","institution_ids":["https://openalex.org/I152815399"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5100371477"],"corresponding_institution_ids":["https://openalex.org/I150229711","https://openalex.org/I3018263800"],"apc_list":null,"apc_paid":null,"fwci":5.4235,"has_fulltext":false,"cited_by_count":19,"citation_normalized_percentile":{"value":0.96022727,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":99},"biblio":{"volume":"17","issue":null,"first_page":"3525","last_page":"3538"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10951","display_name":"Cryptographic Implementations and Security","score":0.9966999888420105,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8611024618148804},{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.822788417339325},{"id":"https://openalex.org/keywords/security-token","display_name":"Security token","score":0.7009589672088623},{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.6391777992248535},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5575436949729919},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.5059189200401306},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.49333444237709045},{"id":"https://openalex.org/keywords/multi-factor-authentication","display_name":"Multi-factor authentication","score":0.451265811920166},{"id":"https://openalex.org/keywords/credential","display_name":"Credential","score":0.4377962648868561},{"id":"https://openalex.org/keywords/computer-hardware","display_name":"Computer hardware","score":0.34511154890060425},{"id":"https://openalex.org/keywords/authentication-protocol","display_name":"Authentication protocol","score":0.3142387568950653}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8611024618148804},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.822788417339325},{"id":"https://openalex.org/C48145219","wikidata":"https://www.wikidata.org/wiki/Q1335365","display_name":"Security token","level":2,"score":0.7009589672088623},{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.6391777992248535},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5575436949729919},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.5059189200401306},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.49333444237709045},{"id":"https://openalex.org/C194699767","wikidata":"https://www.wikidata.org/wiki/Q7878662","display_name":"Multi-factor authentication","level":4,"score":0.451265811920166},{"id":"https://openalex.org/C2777810591","wikidata":"https://www.wikidata.org/wiki/Q16861606","display_name":"Credential","level":2,"score":0.4377962648868561},{"id":"https://openalex.org/C9390403","wikidata":"https://www.wikidata.org/wiki/Q3966","display_name":"Computer hardware","level":1,"score":0.34511154890060425},{"id":"https://openalex.org/C21564112","wikidata":"https://www.wikidata.org/wiki/Q4825885","display_name":"Authentication protocol","level":3,"score":0.3142387568950653}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tifs.2022.3209886","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2022.3209886","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.5,"id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G2782668500","display_name":null,"funder_award_id":"62272091","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G419133145","display_name":null,"funder_award_id":"2021YFG0158","funder_id":"https://openalex.org/F4320336596","funder_display_name":"Key Research and Development Program of Sichuan Province"},{"id":"https://openalex.org/G6625555691","display_name":null,"funder_award_id":"61872060","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G7168211412","display_name":null,"funder_award_id":"62002050","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"},{"id":"https://openalex.org/G8333817546","display_name":null,"funder_award_id":"2020JDTD0007","funder_id":"https://openalex.org/F4320333335","funder_display_name":"Sichuan Province Science and Technology Support Program"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320333335","display_name":"Sichuan Province Science and Technology Support Program","ror":null},{"id":"https://openalex.org/F4320336596","display_name":"Key Research and Development Program of Sichuan Province","ror":null}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":45,"referenced_works":["https://openalex.org/W86271205","https://openalex.org/W126901324","https://openalex.org/W1498527206","https://openalex.org/W1499934958","https://openalex.org/W1592092778","https://openalex.org/W1889757464","https://openalex.org/W1968854550","https://openalex.org/W1981243275","https://openalex.org/W1981342917","https://openalex.org/W2030993695","https://openalex.org/W2033915486","https://openalex.org/W2036892464","https://openalex.org/W2038019800","https://openalex.org/W2042275754","https://openalex.org/W2098104887","https://openalex.org/W2105209441","https://openalex.org/W2113446256","https://openalex.org/W2124218043","https://openalex.org/W2163666541","https://openalex.org/W2219924285","https://openalex.org/W2351133878","https://openalex.org/W2403411783","https://openalex.org/W2439469608","https://openalex.org/W2503510896","https://openalex.org/W2514873781","https://openalex.org/W2538793708","https://openalex.org/W2612601170","https://openalex.org/W2783741806","https://openalex.org/W2786340627","https://openalex.org/W2807758601","https://openalex.org/W2886926540","https://openalex.org/W2891698757","https://openalex.org/W2896153685","https://openalex.org/W2911505293","https://openalex.org/W3007412953","https://openalex.org/W3046694141","https://openalex.org/W3154781724","https://openalex.org/W4245079094","https://openalex.org/W6630155293","https://openalex.org/W6636250284","https://openalex.org/W6679724985","https://openalex.org/W6686773509","https://openalex.org/W6743460260","https://openalex.org/W6754888849","https://openalex.org/W6790487486"],"related_works":["https://openalex.org/W3033883446","https://openalex.org/W2093798919","https://openalex.org/W4308361269","https://openalex.org/W3101929529","https://openalex.org/W4318823703","https://openalex.org/W4313886960","https://openalex.org/W4313855371","https://openalex.org/W2003159817","https://openalex.org/W2393298610","https://openalex.org/W2907262898"],"abstract_inverted_index":{"We":[0,143,180],"investigate":[1],"existing":[2],"\u201cpassword+hardware":[3],"token\u201d-based":[4],"authentication":[5,48,176],"schemes":[6,52,103],"deployed":[7],"in":[8,50,183],"real-world":[9],"applications":[10],"and":[11,33,187],"observe":[12],"that":[13,130],"they":[14],"are":[15,78],"vulnerable":[16],"to":[17,30,98,151,157,189],"critical":[18],"threats.":[19],"Specifically,":[20],"a":[21,26,31,93,118,139,146,173,193],"compromised":[22],"manufacturer":[23],"may":[24],"issue":[25],"backdoored":[27],"hardware":[28,71,90,127,153],"token":[29,91],"user":[32],"later":[34],"recover":[35],"the":[36,57,62,64,70,75,89,131,160,168],"user\u2019s":[37,132],"secret,":[38],"which":[39,109],"is":[40,59,67,96,110,134,141],"well":[41,135],"known":[42],"as":[43,156],"backdoor":[44,140],"attacks.":[45],"Additionally,":[46],"an":[47,84],"credential":[49],"these":[51,102],"consists":[53],"of":[54,80,92,101,185],"two":[55,76,161],"parts:":[56],"one":[58,66,164],"derived":[60,68],"from":[61,69],"password,":[63],"other":[65],"token.":[72],"However,":[73],"since":[74],"parts":[77],"independent":[79],"each":[81],"other,":[82],"if":[83,138],"adversary":[85],"can":[86],"physically":[87],"access":[88],"victim,":[94],"he":[95],"able":[97],"break":[99],"security":[100,186,195],"by":[104],"performing":[105],"dictionary-guessing":[106],"attacks":[107],"(DGA),":[108],"called":[111],"mislaying-then-DGA.":[112],"In":[113],"this":[114],"paper,":[115],"we":[116,171],"design":[117],"non-interactively":[119],"re-randomizable":[120],"reverse":[121],"firewall":[122],"signature":[123],"mechanism":[124,150],"for":[125],"securing":[126],"tokens,":[128,154],"such":[129],"secret":[133],"protected":[136],"even":[137],"embedded.":[142],"also":[144],"utilize":[145],"servers-aided":[147],"password-based":[148],"encryption":[149],"harden":[152],"so":[155],"\u201cseamlessly\u201d":[158],"integrate":[159],"factors":[162],"into":[163],"credential.":[165],"Based":[166],"on":[167],"above":[169],"mechanisms,":[170],"develop":[172],"secure":[174],"two-factor":[175],"scheme,":[177],"dubbed":[178],"ATTACH.":[179],"evaluate":[181],"ATTACH":[182],"terms":[184],"efficiency":[188],"demonstrate":[190],"it":[191],"achieves":[192],"strong":[194],"guarantee":[196],"with":[197],"high":[198],"efficiency.":[199]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":7},{"year":2024,"cited_by_count":7},{"year":2023,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}