{"id":"https://openalex.org/W4385819871","doi":"https://doi.org/10.1109/tifs.2023.3304840","title":"An Attack to One-Tap Authentication Services in Cellular Networks","display_name":"An Attack to One-Tap Authentication Services in Cellular Networks","publication_year":2023,"publication_date":"2023-01-01","ids":{"openalex":"https://openalex.org/W4385819871","doi":"https://doi.org/10.1109/tifs.2023.3304840"},"language":"en","primary_location":{"id":"doi:10.1109/tifs.2023.3304840","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2023.3304840","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5079443685","display_name":"Zhiwei Cui","orcid":"https://orcid.org/0000-0003-1300-8426"},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Zhiwei Cui","raw_affiliation_strings":["School of Cyberspace Security and National Engineering Laboratory for Mobile Network Technologies, Beijing University of Posts and Telecommunications, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0003-1300-8426","affiliations":[{"raw_affiliation_string":"School of Cyberspace Security and National Engineering Laboratory for Mobile Network Technologies, Beijing University of Posts and Telecommunications, Beijing, China","institution_ids":["https://openalex.org/I139759216"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084818732","display_name":"Baojiang Cui","orcid":"https://orcid.org/0000-0001-6937-4068"},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Baojiang Cui","raw_affiliation_strings":["School of Cyberspace Security and National Engineering Laboratory for Mobile Network Technologies, Beijing University of Posts and Telecommunications, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0001-6937-4068","affiliations":[{"raw_affiliation_string":"School of Cyberspace Security and National Engineering Laboratory for Mobile Network Technologies, Beijing University of Posts and Telecommunications, Beijing, China","institution_ids":["https://openalex.org/I139759216"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5011916209","display_name":"Junsong Fu","orcid":"https://orcid.org/0000-0002-2445-1987"},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Junsong Fu","raw_affiliation_strings":["School of Cyberspace Security and National Engineering Laboratory for Mobile Network Technologies, Beijing University of Posts and Telecommunications, Beijing, China"],"raw_orcid":"https://orcid.org/0000-0002-2445-1987","affiliations":[{"raw_affiliation_string":"School of Cyberspace Security and National Engineering Laboratory for Mobile Network Technologies, Beijing University of Posts and Telecommunications, Beijing, China","institution_ids":["https://openalex.org/I139759216"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5077320731","display_name":"Bharat Bhargava","orcid":"https://orcid.org/0000-0003-3803-8672"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Bharat K. Bhargava","raw_affiliation_strings":["Department of Computer Science, Purdue University, West Lafayette, IN, USA"],"raw_orcid":"https://orcid.org/0000-0003-3803-8672","affiliations":[{"raw_affiliation_string":"Department of Computer Science, Purdue University, West Lafayette, IN, USA","institution_ids":["https://openalex.org/I219193219"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5079443685"],"corresponding_institution_ids":["https://openalex.org/I139759216"],"apc_list":null,"apc_paid":null,"fwci":1.1805,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.7993271,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":"18","issue":null,"first_page":"5082","last_page":"5095"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9927999973297119,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7911187410354614},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.5408814549446106},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.529333233833313},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.5128441452980042},{"id":"https://openalex.org/keywords/message-authentication-code","display_name":"Message authentication code","score":0.41367074847221375},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.36250802874565125}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7911187410354614},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.5408814549446106},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.529333233833313},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.5128441452980042},{"id":"https://openalex.org/C141492731","wikidata":"https://www.wikidata.org/wiki/Q1052621","display_name":"Message authentication code","level":3,"score":0.41367074847221375},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.36250802874565125}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tifs.2023.3304840","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2023.3304840","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.699999988079071,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[{"id":"https://openalex.org/G6507379929","display_name":null,"funder_award_id":"62001055","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":26,"referenced_works":["https://openalex.org/W1595513981","https://openalex.org/W2129281072","https://openalex.org/W2218971720","https://openalex.org/W2294912729","https://openalex.org/W2303256851","https://openalex.org/W2537607123","https://openalex.org/W2559870021","https://openalex.org/W2591807455","https://openalex.org/W2592873583","https://openalex.org/W2741727270","https://openalex.org/W2772333951","https://openalex.org/W2778029521","https://openalex.org/W2795336163","https://openalex.org/W2932741641","https://openalex.org/W3014494189","https://openalex.org/W3095325295","https://openalex.org/W3160885800","https://openalex.org/W4287825602","https://openalex.org/W4287849796","https://openalex.org/W4294767953","https://openalex.org/W4313406111","https://openalex.org/W4368232621","https://openalex.org/W6733873893","https://openalex.org/W6775026785","https://openalex.org/W6783956734","https://openalex.org/W6842878367"],"related_works":["https://openalex.org/W2060145807","https://openalex.org/W2912135041","https://openalex.org/W4248806346","https://openalex.org/W2166668397","https://openalex.org/W2116285675","https://openalex.org/W1533309011","https://openalex.org/W3048245612","https://openalex.org/W1980599209","https://openalex.org/W4220718301","https://openalex.org/W1555715488"],"abstract_inverted_index":{"The":[0,27,197],"One-Tap":[1],"Authentication":[2],"(OTAuth)":[3],"based":[4],"on":[5,117],"the":[6,21,73,85,107,123,145,177,180,210,221,236],"cellular":[7,113,124],"network":[8,125],"is":[9,205],"a":[10,46,137,154,173],"password-less":[11],"login":[12,167],"service":[13,28],"provided":[14],"by":[15,57,158],"Mobile":[16],"Network":[17],"Operator":[18],"(MNO)":[19],"through":[20],"unique":[22],"communication":[23],"gateway":[24],"access":[25],"technique.":[26],"allows":[29,163],"app":[30,171],"users":[31],"to":[32,49,166,207,233,249],"quickly":[33],"sign":[34],"up":[35],"or":[36,168],"log":[37],"in":[38,121,130,142,195],"with":[39],"their":[40,254],"mobile":[41,76],"phone":[42],"numbers":[43],"without":[44],"entering":[45],"password.":[47],"Due":[48],"its":[50],"convenience,":[51],"OTAuth":[52,66,104,131,149,189,214],"has":[53],"been":[54,225],"widely":[55],"used":[56],"various":[58],"apps.":[59],"However,":[60],"some":[61],"studies":[62],"have":[63,183,224,244],"elaborated":[64],"that":[65,201,212,223],"services":[67,105,190],"are":[68],"of":[69,75,109,179,191],"great":[70],"drawbacks":[71],"from":[72,91,106],"perspective":[74,108],"security":[77],"and":[78,94,111,115,216,252],"identified":[79],"several":[80,231],"flawed":[81],"designs,":[82],"which":[83,122,162],"make":[84],"MNO":[86],"cannot":[87],"distinguish":[88],"malicious":[89],"apps":[90,187,211,219],"normal":[92],"ones":[93],"cause":[95],"impersonation":[96],"attacks.":[97],"In":[98],"this":[99,160],"paper,":[100],"we":[101,135,152,182,229,243],"further":[102],"analyze":[103],"4G":[110],"5G":[112],"networks":[114],"focus":[116],"two":[118],"important":[119,128],"procedures":[120],"plays":[126],"an":[127,164],"role":[129],"services.":[132,150],"Not":[133],"surprisingly,":[134],"discover":[136],"new":[138],"fundamental":[139],"design":[140],"flaw":[141],"determining":[143],"whether":[144],"runtime":[146],"environment":[147],"supports":[148],"Moreover,":[151],"propose":[153,230],"mature":[155],"attack":[156,204],"paradigm":[157],"exploiting":[159],"flaw,":[161],"attacker":[165],"register":[169],"one":[170],"as":[172],"victim.":[174],"To":[175],"evaluate":[176],"impact":[178],"attack,":[181],"examined":[184],"100/90/100":[185],"Android/iOS/HarmonyOS":[186],"for":[188,240],"3":[192],"main-stream":[193],"MNOs":[194],"China.":[196],"experimental":[198],"results":[199],"show":[200],"our":[202,247],"proposed":[203],"applicable":[206],"almost":[208],"all":[209],"support":[213],"services,":[215],"affects":[217],"more":[218],"than":[220],"attacks":[222],"reported":[226,246],"before.":[227],"Finally,":[228],"counter-measures":[232],"defend":[234],"against":[235],"attack.":[237],"Note":[238],"that,":[239],"security\u2019s":[241],"sake,":[242],"already":[245],"findings":[248],"authorized":[250],"parties":[251],"received":[253],"confirmations.":[255]},"counts_by_year":[{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}