{"id":"https://openalex.org/W4407247745","doi":"https://doi.org/10.1109/tifs.2025.3539955","title":"Device-Enhanced Password-Based Threshold Single-Sign-On Authentication","display_name":"Device-Enhanced Password-Based Threshold Single-Sign-On Authentication","publication_year":2025,"publication_date":"2025-01-01","ids":{"openalex":"https://openalex.org/W4407247745","doi":"https://doi.org/10.1109/tifs.2025.3539955"},"language":"en","primary_location":{"id":"doi:10.1109/tifs.2025.3539955","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2025.3539955","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://ink.library.smu.edu.sg/sis_research/10812","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5008065088","display_name":"Changsong Jiang","orcid":"https://orcid.org/0000-0002-6510-3380"},"institutions":[{"id":"https://openalex.org/I150229711","display_name":"University of Electronic Science and Technology of China","ror":"https://ror.org/04qr3zq92","country_code":"CN","type":"education","lineage":["https://openalex.org/I150229711"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Changsong Jiang","raw_affiliation_strings":["School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China"],"raw_orcid":"https://orcid.org/0000-0002-6510-3380","affiliations":[{"raw_affiliation_string":"School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China","institution_ids":["https://openalex.org/I150229711"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064473849","display_name":"Chunxiang Xu","orcid":"https://orcid.org/0000-0002-5411-7621"},"institutions":[{"id":"https://openalex.org/I150229711","display_name":"University of Electronic Science and Technology of China","ror":"https://ror.org/04qr3zq92","country_code":"CN","type":"education","lineage":["https://openalex.org/I150229711"]},{"id":"https://openalex.org/I3018263800","display_name":"Huzhou University","ror":"https://ror.org/04mvpxy20","country_code":"CN","type":"education","lineage":["https://openalex.org/I3018263800"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chunxiang Xu","raw_affiliation_strings":["School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China","Yangtze Delta Region Institute (Huzhou), University of Electronic Science and Technology of China, Huzhou, P. R. China"],"raw_orcid":"https://orcid.org/0000-0002-5411-7621","affiliations":[{"raw_affiliation_string":"School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China","institution_ids":["https://openalex.org/I150229711"]},{"raw_affiliation_string":"Yangtze Delta Region Institute (Huzhou), University of Electronic Science and Technology of China, Huzhou, P. R. China","institution_ids":["https://openalex.org/I3018263800","https://openalex.org/I150229711"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5091475823","display_name":"Guomin Yang","orcid":"https://orcid.org/0000-0002-4949-7738"},"institutions":[{"id":"https://openalex.org/I79891267","display_name":"Singapore Management University","ror":"https://ror.org/050qmg959","country_code":"SG","type":"education","lineage":["https://openalex.org/I79891267"]}],"countries":["SG"],"is_corresponding":false,"raw_author_name":"Guomin Yang","raw_affiliation_strings":["School of Computing and Information Systems, Singapore Management University, Tampines, Singapore","School of Computing and Information Systems, Singapore Management University, Singapore, Singapore"],"raw_orcid":"https://orcid.org/0000-0002-4949-7738","affiliations":[{"raw_affiliation_string":"School of Computing and Information Systems, Singapore Management University, Tampines, Singapore","institution_ids":["https://openalex.org/I79891267"]},{"raw_affiliation_string":"School of Computing and Information Systems, Singapore Management University, Singapore, Singapore","institution_ids":["https://openalex.org/I79891267"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5023447421","display_name":"Zhao Zhang","orcid":"https://orcid.org/0000-0002-0178-2169"},"institutions":[{"id":"https://openalex.org/I150229711","display_name":"University of Electronic Science and Technology of China","ror":"https://ror.org/04qr3zq92","country_code":"CN","type":"education","lineage":["https://openalex.org/I150229711"]},{"id":"https://openalex.org/I3018263800","display_name":"Huzhou University","ror":"https://ror.org/04mvpxy20","country_code":"CN","type":"education","lineage":["https://openalex.org/I3018263800"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhao Zhang","raw_affiliation_strings":["School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China","Yangtze Delta Region Institute (Huzhou), University of Electronic Science and Technology of China, Huzhou, P. R. China"],"raw_orcid":"https://orcid.org/0000-0002-0178-2169","affiliations":[{"raw_affiliation_string":"School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China","institution_ids":["https://openalex.org/I150229711"]},{"raw_affiliation_string":"Yangtze Delta Region Institute (Huzhou), University of Electronic Science and Technology of China, Huzhou, P. R. China","institution_ids":["https://openalex.org/I3018263800","https://openalex.org/I150229711"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5103200754","display_name":"Jie Chen","orcid":"https://orcid.org/0000-0003-4887-4244"},"institutions":[{"id":"https://openalex.org/I4210136246","display_name":"China Telecom (China)","ror":"https://ror.org/03jgnzt20","country_code":"CN","type":"company","lineage":["https://openalex.org/I4210136246"]},{"id":"https://openalex.org/I4387153335","display_name":"China Telecom","ror":"https://ror.org/05p67dv18","country_code":null,"type":"company","lineage":["https://openalex.org/I4387153335"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jie Chen","raw_affiliation_strings":["China Telecom Research Institute, Guangzhou, China"],"raw_orcid":"https://orcid.org/0000-0003-4887-4244","affiliations":[{"raw_affiliation_string":"China Telecom Research Institute, Guangzhou, China","institution_ids":["https://openalex.org/I4210136246","https://openalex.org/I4387153335"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5008065088"],"corresponding_institution_ids":["https://openalex.org/I150229711"],"apc_list":null,"apc_paid":null,"fwci":2.9051,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.8798042,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":"20","issue":null,"first_page":"2006","last_page":"2021"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10388","display_name":"Advanced Steganography and Watermarking Techniques","score":0.9944000244140625,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.8427826762199402},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8073267340660095},{"id":"https://openalex.org/keywords/single-sign-on","display_name":"Single sign-on","score":0.6183668375015259},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.5944185853004456},{"id":"https://openalex.org/keywords/sign","display_name":"Sign (mathematics)","score":0.5650688409805298},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4753006398677826},{"id":"https://openalex.org/keywords/s/key","display_name":"S/KEY","score":0.4370054006576538}],"concepts":[{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.8427826762199402},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8073267340660095},{"id":"https://openalex.org/C2776362682","wikidata":"https://www.wikidata.org/wiki/Q568494","display_name":"Single sign-on","level":3,"score":0.6183668375015259},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.5944185853004456},{"id":"https://openalex.org/C139676723","wikidata":"https://www.wikidata.org/wiki/Q1193832","display_name":"Sign (mathematics)","level":2,"score":0.5650688409805298},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4753006398677826},{"id":"https://openalex.org/C4957475","wikidata":"https://www.wikidata.org/wiki/Q242186","display_name":"S/KEY","level":3,"score":0.4370054006576538},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/tifs.2025.3539955","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2025.3539955","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},{"id":"pmh:oai:ink.library.smu.edu.sg:sis_research-11814","is_oa":true,"landing_page_url":"https://ink.library.smu.edu.sg/sis_research/10812","pdf_url":null,"source":{"id":"https://openalex.org/S4306401925","display_name":"Singapore Management University Institutional Knowledge (InK) (Singapore Management University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I79891267","host_organization_name":"Singapore Management University","host_organization_lineage":["https://openalex.org/I79891267"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"https://doi.org/10.1109/TIFS.2025.3539955","raw_type":"Journal Article"}],"best_oa_location":{"id":"pmh:oai:ink.library.smu.edu.sg:sis_research-11814","is_oa":true,"landing_page_url":"https://ink.library.smu.edu.sg/sis_research/10812","pdf_url":null,"source":{"id":"https://openalex.org/S4306401925","display_name":"Singapore Management University Institutional Knowledge (InK) (Singapore Management University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I79891267","host_organization_name":"Singapore Management University","host_organization_lineage":["https://openalex.org/I79891267"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"https://doi.org/10.1109/TIFS.2025.3539955","raw_type":"Journal Article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2782668500","display_name":null,"funder_award_id":"62272091","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":39,"referenced_works":["https://openalex.org/W1572503422","https://openalex.org/W1889757464","https://openalex.org/W2073342447","https://openalex.org/W2106539366","https://openalex.org/W2108834246","https://openalex.org/W2113446256","https://openalex.org/W2141420453","https://openalex.org/W2351133878","https://openalex.org/W2406790903","https://openalex.org/W2514873781","https://openalex.org/W2536625930","https://openalex.org/W2765227388","https://openalex.org/W2805972464","https://openalex.org/W2891698757","https://openalex.org/W2962834060","https://openalex.org/W2963802391","https://openalex.org/W2983813777","https://openalex.org/W2986474575","https://openalex.org/W3006945404","https://openalex.org/W3007412953","https://openalex.org/W3037285711","https://openalex.org/W3096870392","https://openalex.org/W3116058186","https://openalex.org/W3158726383","https://openalex.org/W3161894933","https://openalex.org/W3201954451","https://openalex.org/W4206241451","https://openalex.org/W4293637515","https://openalex.org/W4296965632","https://openalex.org/W4312426553","https://openalex.org/W4365421284","https://openalex.org/W4380451031","https://openalex.org/W4390747981","https://openalex.org/W4392405631","https://openalex.org/W4394995006","https://openalex.org/W4398226210","https://openalex.org/W4402212157","https://openalex.org/W4405786493","https://openalex.org/W6715708862"],"related_works":["https://openalex.org/W2189322943","https://openalex.org/W2054746600","https://openalex.org/W2359085393","https://openalex.org/W2358864427","https://openalex.org/W2597260025","https://openalex.org/W2177391373","https://openalex.org/W2188146477","https://openalex.org/W2090295280","https://openalex.org/W2078158640","https://openalex.org/W2945948711"],"abstract_inverted_index":{"Password-based":[0],"threshold":[1,12,61],"single-sign-on":[2],"authentication":[3],"(PbTA)":[4],"allows":[5],"multiple":[6,160],"identity":[7,57,100,137],"servers":[8,101,138],"to":[9,50,69,133,155],"in":[10,43,102],"a":[11,15,19,35,60,88,104,127,163],"manner":[13],"authenticate":[14],"user":[16,24,164],"and":[17,33,191,204],"issue":[18],"token,":[20],"with":[21,99],"which":[22,44,142],"the":[23,67,115,124,144,195],"accesses":[25],"relevant":[26],"services.":[27],"We":[28],"analyze":[29],"existing":[30],"PbTA":[31,91],"schemes":[32],"reveal":[34],"potential":[36],"threat:":[37],"vulnerability":[38],"against":[39,147],"perpetual":[40,111,148],"credential":[41,53,64],"leakage,":[42],"\u201cperpetual\u201d":[45],"adversaries":[46,68,112],"could":[47],"perpetually":[48],"attempt":[49],"compromise":[51],"long-lived":[52],"databases":[54,65],"maintained":[55],"by":[56,201],"servers.":[58],"Compromising":[59],"number":[62],"of":[63,159,178,194],"enables":[66],"launch":[70],"offline":[71,121],"dictionary":[72],"guessing":[73],"attacks":[74],"(DGA)":[75],"or":[76],"illegally":[77],"obtain":[78],"users\u2019":[79],"tokens.":[80],"To":[81],"address":[82],"these":[83],"issues,":[84],"we":[85,151],"first":[86],"propose":[87],"basic":[89,153],"device-enhanced":[90],"scheme":[92,198],"(DE-PbTA),":[93],"where":[94,162],"an":[95],"auxiliary":[96],"device":[97],"collaborates":[98],"hardening":[103],"user\u2019s":[105,145],"password":[106,116],"during":[107],"authentication,":[108],"such":[109],"that":[110],"cannot":[113],"learn":[114],"from":[117,136],"compromised":[118],"credentials":[119],"via":[120],"DGA.":[122],"Using":[123],"hardened":[125],"password,":[126],"private":[128],"key":[129],"can":[130,165],"be":[131],"derived":[132],"decrypt":[134],"ciphertexts":[135],"for":[139,187],"token":[140],"construction,":[141],"protects":[143],"tokens":[146],"adversaries.":[149],"Then,":[150],"extend":[152],"DE-PbTA":[154,197],"support":[156],"dynamic":[157],"usage":[158],"devices,":[161],"actively":[166],"choose":[167],"<inline-formula":[168,179],"xmlns:mml=\"http://www.w3.org/1998/Math/MathML\"":[169,180],"xmlns:xlink=\"http://www.w3.org/1999/xlink\">":[170,181],"<tex-math":[171,182],"notation=\"LaTeX\">$t^{\\prime":[172],"}":[173,184],"$":[174,185],"</tex-math></inline-formula>":[175,186],"devices":[176],"out":[177],"notation=\"LaTeX\">$n^{\\prime":[183],"authentication.":[188],"Provable":[189],"security":[190],"high":[192],"efficiency":[193],"basic/enhanced":[196],"are":[199],"demonstrated":[200],"comprehensive":[202],"analysis":[203],"experimental":[205],"evaluations.":[206]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2025-12-27T23:08:20.325037","created_date":"2025-10-10T00:00:00"}