{"id":"https://openalex.org/W7134814354","doi":"https://doi.org/10.1109/tifs.2026.3672018","title":"SE-ASSO: A Security-Enhanced Anonymous Single-Sign-On Authentication Scheme","display_name":"SE-ASSO: A Security-Enhanced Anonymous Single-Sign-On Authentication Scheme","publication_year":2026,"publication_date":"2026-01-01","ids":{"openalex":"https://openalex.org/W7134814354","doi":"https://doi.org/10.1109/tifs.2026.3672018"},"language":null,"primary_location":{"id":"doi:10.1109/tifs.2026.3672018","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2026.3672018","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5128661566","display_name":"Shanshan Li","orcid":null},"institutions":[{"id":"https://openalex.org/I158934434","display_name":"Zhongnan University of Economics and Law","ror":"https://ror.org/04yqxxq63","country_code":"CN","type":"education","lineage":["https://openalex.org/I158934434"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Shanshan Li","raw_affiliation_strings":["School of Information Engineering, Zhongnan University of Economics and Law, Wuhan, China"],"raw_orcid":"https://orcid.org/0000-0002-2120-4278","affiliations":[{"raw_affiliation_string":"School of Information Engineering, Zhongnan University of Economics and Law, Wuhan, China","institution_ids":["https://openalex.org/I158934434"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Mengfan Ma","orcid":"https://orcid.org/0000-0002-4478-3479"},"institutions":[{"id":"https://openalex.org/I40963666","display_name":"Central China Normal University","ror":"https://ror.org/03x1jna21","country_code":"CN","type":"education","lineage":["https://openalex.org/I40963666"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Mengfan Ma","raw_affiliation_strings":["School of Economics and Business Administration, Central China Normal University, Wuhan, China"],"raw_orcid":"https://orcid.org/0000-0002-4478-3479","affiliations":[{"raw_affiliation_string":"School of Economics and Business Administration, Central China Normal University, Wuhan, China","institution_ids":["https://openalex.org/I40963666"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5052415091","display_name":"Yunxia Han","orcid":"https://orcid.org/0000-0002-1978-1164"},"institutions":[{"id":"https://openalex.org/I165745306","display_name":"Southwest Petroleum University","ror":"https://ror.org/03h17x602","country_code":"CN","type":"education","lineage":["https://openalex.org/I165745306"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yunxia Han","raw_affiliation_strings":["School of Computer Science and Software Engineering, Southwest Petroleum University, Chengdu, China"],"raw_orcid":"https://orcid.org/0000-0002-1978-1164","affiliations":[{"raw_affiliation_string":"School of Computer Science and Software Engineering, Southwest Petroleum University, Chengdu, China","institution_ids":["https://openalex.org/I165745306"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5128661566"],"corresponding_institution_ids":["https://openalex.org/I158934434"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.45525659,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"21","issue":null,"first_page":"3646","last_page":"3661"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.2766999900341034,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.2766999900341034,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11498","display_name":"Security in Wireless Sensor Networks","score":0.22050000727176666,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.1476999968290329,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.7504000067710876},{"id":"https://openalex.org/keywords/security-token","display_name":"Security token","score":0.7088000178337097},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.5277000069618225},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.49559998512268066},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.44269999861717224},{"id":"https://openalex.org/keywords/replay-attack","display_name":"Replay attack","score":0.4424000084400177},{"id":"https://openalex.org/keywords/message-authentication-code","display_name":"Message authentication code","score":0.4357999861240387},{"id":"https://openalex.org/keywords/one-time-password","display_name":"One-time password","score":0.3986999988555908},{"id":"https://openalex.org/keywords/stateful-firewall","display_name":"Stateful firewall","score":0.3901999890804291}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8467000126838684},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.7504000067710876},{"id":"https://openalex.org/C48145219","wikidata":"https://www.wikidata.org/wiki/Q1335365","display_name":"Security token","level":2,"score":0.7088000178337097},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6499999761581421},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.5277000069618225},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.49559998512268066},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.4521999955177307},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.44269999861717224},{"id":"https://openalex.org/C11560541","wikidata":"https://www.wikidata.org/wiki/Q1756025","display_name":"Replay attack","level":3,"score":0.4424000084400177},{"id":"https://openalex.org/C141492731","wikidata":"https://www.wikidata.org/wiki/Q1052621","display_name":"Message authentication code","level":3,"score":0.4357999861240387},{"id":"https://openalex.org/C89479133","wikidata":"https://www.wikidata.org/wiki/Q1137840","display_name":"One-time password","level":3,"score":0.3986999988555908},{"id":"https://openalex.org/C22927095","wikidata":"https://www.wikidata.org/wiki/Q1784206","display_name":"Stateful firewall","level":3,"score":0.3901999890804291},{"id":"https://openalex.org/C2778355321","wikidata":"https://www.wikidata.org/wiki/Q17079427","display_name":"Identity (music)","level":2,"score":0.383899986743927},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.3305000066757202},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.3158999979496002},{"id":"https://openalex.org/C21564112","wikidata":"https://www.wikidata.org/wiki/Q4825885","display_name":"Authentication protocol","level":3,"score":0.3154999911785126},{"id":"https://openalex.org/C77618280","wikidata":"https://www.wikidata.org/wiki/Q1155772","display_name":"Scheme (mathematics)","level":2,"score":0.3131999969482422},{"id":"https://openalex.org/C153043593","wikidata":"https://www.wikidata.org/wiki/Q727896","display_name":"Connectionless communication","level":3,"score":0.3125999867916107},{"id":"https://openalex.org/C131129157","wikidata":"https://www.wikidata.org/wiki/Q1059963","display_name":"Challenge\u2013response authentication","level":4,"score":0.296099990606308},{"id":"https://openalex.org/C99138194","wikidata":"https://www.wikidata.org/wiki/Q183427","display_name":"Hash function","level":2,"score":0.2930999994277954},{"id":"https://openalex.org/C77714075","wikidata":"https://www.wikidata.org/wiki/Q5452017","display_name":"Firewall (physics)","level":5,"score":0.2847999930381775},{"id":"https://openalex.org/C98705547","wikidata":"https://www.wikidata.org/wiki/Q3394687","display_name":"Password policy","level":4,"score":0.2777000069618225},{"id":"https://openalex.org/C2779201187","wikidata":"https://www.wikidata.org/wiki/Q2775060","display_name":"Information leakage","level":2,"score":0.27619999647140503},{"id":"https://openalex.org/C15927051","wikidata":"https://www.wikidata.org/wiki/Q246593","display_name":"Cryptographic primitive","level":4,"score":0.27079999446868896},{"id":"https://openalex.org/C178005623","wikidata":"https://www.wikidata.org/wiki/Q308859","display_name":"Anonymity","level":2,"score":0.26190000772476196}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tifs.2026.3672018","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tifs.2026.3672018","pdf_url":null,"source":{"id":"https://openalex.org/S61310614","display_name":"IEEE Transactions on Information Forensics and Security","issn_l":"1556-6013","issn":["1556-6013","1556-6021"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Information Forensics and Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.6884723901748657,"display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G569075779","display_name":null,"funder_award_id":"2025T180418","funder_id":"https://openalex.org/F4320321543","funder_display_name":"China Postdoctoral Science Foundation"},{"id":"https://openalex.org/G6994629115","display_name":null,"funder_award_id":"62302406","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320321543","display_name":"China Postdoctoral Science Foundation","ror":"https://ror.org/0426zh255"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Anonymous":[0],"Single-Sign-On":[1],"(ASSO)":[2],"enables":[3,108],"users":[4],"to":[5,20,51,77,103,111,207,225],"authenticate":[6],"with":[7],"an":[8,36],"identity":[9,53,63,167],"server":[10,64],"and":[11,29,46,143,156,204,228,237],"obtain":[12],"a":[13,43,66,88,93,127,141,144,185,195,220,230],"master":[14,58,129,136,163],"token":[15,130],"that":[16,133],"grants":[17],"anonymous":[18],"access":[19],"multiple":[21],"services.":[22],"We":[23],"analyze":[24],"existing":[25],"password-based":[26],"ASSO":[27,222],"schemes":[28],"identify":[30],"two":[31,139,216],"fundamental":[32],"security":[33,145,177,236],"vulnerabilities.":[34],"First,":[35],"adversary":[37,70],"may":[38,91],"enumerate":[39],"potential":[40],"passwords":[41,173],"of":[42],"target":[44],"user":[45],"forge":[47],"valid":[48,153],"authentication":[49,154],"requests":[50,155],"the":[52,57,62,69,73,109,166,205],"server.":[54],"By":[55],"analyzing":[56],"tokens":[59,137,164],"returned":[60],"by":[61],"using":[65,138],"designated":[67],"equation,":[68],"can":[71],"recover":[72,113],"user\u2019s":[74,202],"password.We":[75],"refer":[76],"this":[78,193],"attack":[79],"as":[80,119,226],"Master":[81],"Token":[82],"Password":[83],"Inference":[84],"Attacks":[85],"(MT-PIA).":[86],"Second,":[87],"malicious":[89],"manufacturer":[90,110],"embed":[92],"biased":[94],"randomness":[95,189],"source":[96],"in":[97,209],"users\u2019":[98,114,135,172,175],"devices,":[99],"causing":[100],"cryptographic":[101,186],"operations":[102],"produce":[104],"predictable":[105],"outputs.":[106],"This":[107,147],"efficiently":[112],"secrets,":[115],"which":[116],"is":[117,198],"known":[118],"subversion":[120,181],"attacks.":[121],"To":[122,179],"mitigate":[123],"MT-PIA,":[124],"we":[125,183,218],"propose":[126],"secure":[128],"generation":[131,190],"mechanism":[132,148],"protects":[134],"factors:":[140],"password":[142],"key.":[146],"prevents":[149],"adversaries":[150],"from":[151,165],"forging":[152],"ensures":[157],"that,":[158],"even":[159],"if":[160],"they":[161,169],"intercept":[162],"server,":[168],"cannot":[170],"infer":[171],"without":[174],"associated":[176],"keys.":[178],"counter":[180],"attacks,":[182],"design":[184],"reverse":[187,196],"firewall\u2013based":[188],"mechanism.":[191],"In":[192],"design,":[194],"firewall":[197],"deployed":[199],"between":[200],"each":[201],"device":[203],"external":[206],"assist":[208],"generating":[210],"uniformly":[211],"distributed":[212],"randomness.":[213],"Leveraging":[214],"these":[215],"mechanisms,":[217],"develop":[219],"security-enhanced":[221],"scheme,":[223],"referred":[224],"SE-ASSO,":[227],"conduct":[229],"comprehensive":[231],"evaluation":[232],"demonstrating":[233],"its":[234],"strong":[235],"practicality":[238],"for":[239],"real-world":[240],"deployment.":[241]},"counts_by_year":[],"updated_date":"2026-04-08T06:01:36.053099","created_date":"2026-03-11T00:00:00"}