{"id":"https://openalex.org/W2020936921","doi":"https://doi.org/10.1145/2810103.2813692","title":"TrustOTP","display_name":"TrustOTP","publication_year":2015,"publication_date":"2015-10-06","ids":{"openalex":"https://openalex.org/W2020936921","doi":"https://doi.org/10.1145/2810103.2813692","mag":"2020936921"},"language":"en","primary_location":{"id":"doi:10.1145/2810103.2813692","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2810103.2813692","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5034433094","display_name":"He Sun","orcid":"https://orcid.org/0000-0001-8305-9507"},"institutions":[{"id":"https://openalex.org/I267592682","display_name":"Williams (United States)","ror":"https://ror.org/007zhvp17","country_code":"US","type":"company","lineage":["https://openalex.org/I267592682"]},{"id":"https://openalex.org/I16285277","display_name":"William & Mary","ror":"https://ror.org/03hsf0573","country_code":"US","type":"education","lineage":["https://openalex.org/I16285277"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"He Sun","raw_affiliation_strings":["College of William and Mary; Chinese Academy of Sciences, Williamsburg, VA, USA","College of William and Mary"],"affiliations":[{"raw_affiliation_string":"College of William and Mary; Chinese Academy of Sciences, Williamsburg, VA, USA","institution_ids":["https://openalex.org/I16285277","https://openalex.org/I267592682"]},{"raw_affiliation_string":"College of William and Mary","institution_ids":["https://openalex.org/I16285277"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026728546","display_name":"Kun Sun","orcid":"https://orcid.org/0000-0003-4152-2107"},"institutions":[{"id":"https://openalex.org/I16285277","display_name":"William & Mary","ror":"https://ror.org/03hsf0573","country_code":"US","type":"education","lineage":["https://openalex.org/I16285277"]},{"id":"https://openalex.org/I267592682","display_name":"Williams (United States)","ror":"https://ror.org/007zhvp17","country_code":"US","type":"company","lineage":["https://openalex.org/I267592682"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Kun Sun","raw_affiliation_strings":["College of William and Mary, Williamsburg, VA, USA"],"affiliations":[{"raw_affiliation_string":"College of William and Mary, Williamsburg, VA, USA","institution_ids":["https://openalex.org/I16285277","https://openalex.org/I267592682"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101640450","display_name":"Yuewu Wang","orcid":"https://orcid.org/0009-0003-5170-1253"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yuewu Wang","raw_affiliation_strings":["Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I19820366"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5033745290","display_name":"Jiwu Jing","orcid":"https://orcid.org/0000-0002-3409-6149"},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"funder","lineage":["https://openalex.org/I19820366"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Jiwu Jing","raw_affiliation_strings":["Chinese Academy of Sciences, Beijing, China"],"affiliations":[{"raw_affiliation_string":"Chinese Academy of Sciences, Beijing, China","institution_ids":["https://openalex.org/I19820366"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5034433094"],"corresponding_institution_ids":["https://openalex.org/I16285277","https://openalex.org/I267592682"],"apc_list":null,"apc_paid":null,"fwci":16.9655,"has_fulltext":false,"cited_by_count":93,"citation_normalized_percentile":{"value":0.99119196,"is_in_top_1_percent":true,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":100},"biblio":{"volume":null,"issue":null,"first_page":"976","last_page":"988"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7954747676849365},{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.710167407989502},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6652480959892273},{"id":"https://openalex.org/keywords/security-token","display_name":"Security token","score":0.6335482001304626},{"id":"https://openalex.org/keywords/one-time-password","display_name":"One-time password","score":0.5860803127288818},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.5237412452697754},{"id":"https://openalex.org/keywords/mobile-device","display_name":"Mobile device","score":0.5088158249855042},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5021951198577881},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.47917190194129944},{"id":"https://openalex.org/keywords/javascript","display_name":"JavaScript","score":0.4242391288280487},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.3660051226615906},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3376120626926422},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.3302762508392334},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.25485527515411377},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.1847364902496338}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7954747676849365},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.710167407989502},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6652480959892273},{"id":"https://openalex.org/C48145219","wikidata":"https://www.wikidata.org/wiki/Q1335365","display_name":"Security token","level":2,"score":0.6335482001304626},{"id":"https://openalex.org/C89479133","wikidata":"https://www.wikidata.org/wiki/Q1137840","display_name":"One-time password","level":3,"score":0.5860803127288818},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.5237412452697754},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.5088158249855042},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5021951198577881},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.47917190194129944},{"id":"https://openalex.org/C544833334","wikidata":"https://www.wikidata.org/wiki/Q2005","display_name":"JavaScript","level":2,"score":0.4242391288280487},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.3660051226615906},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3376120626926422},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3302762508392334},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.25485527515411377},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.1847364902496338}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2810103.2813692","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2810103.2813692","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":17,"referenced_works":["https://openalex.org/W147819238","https://openalex.org/W165306667","https://openalex.org/W1247015877","https://openalex.org/W1496151516","https://openalex.org/W1984361257","https://openalex.org/W1987221145","https://openalex.org/W2014517322","https://openalex.org/W2025088090","https://openalex.org/W2046036463","https://openalex.org/W2055184282","https://openalex.org/W2088588187","https://openalex.org/W2097723548","https://openalex.org/W2118961967","https://openalex.org/W2136677179","https://openalex.org/W2151182669","https://openalex.org/W2168872572","https://openalex.org/W4285719527"],"related_works":["https://openalex.org/W2021087413","https://openalex.org/W2359085393","https://openalex.org/W2377774403","https://openalex.org/W2237863779","https://openalex.org/W2156083280","https://openalex.org/W2387329106","https://openalex.org/W2969720675","https://openalex.org/W2949495265","https://openalex.org/W2090295280","https://openalex.org/W2565480008"],"abstract_inverted_index":{"Two-factor":[0],"authentication":[1],"has":[2,245],"been":[3,49],"widely":[4],"used":[5],"due":[6],"to":[7,26,62,123,137,208],"the":[8,38,63,75,78,83,86,99,112,121,155,161,176,179,197,220,226,249],"vulnerabilities":[9],"associated":[10],"with":[11,127],"traditional":[12],"text-based":[13],"password.":[14],"One-time":[15],"password":[16,149],"(OTP)":[17],"plays":[18],"an":[19],"indispensable":[20],"role":[21],"on":[22,219,235,248],"authenticating":[23],"mobile":[24,87,100,184,198,227,250],"users":[25,64,122],"critical":[27],"web":[28],"services":[29],"that":[30,151,243],"demand":[31],"a":[32,146,182,231],"high":[33],"level":[34],"of":[35,77,157,163,178,233],"security.":[36],"As":[37],"smartphones":[39,54],"are":[40,132],"increasingly":[41],"gaining":[42],"popularity":[43],"nowadays,":[44],"software-based":[45,70,113],"OTP":[46,71,104,114,190,194,211],"generators":[47],"have":[48],"developed":[50],"and":[51,160,192,213,252],"installed":[52],"into":[53],"as":[55],"software":[56,158],"apps,":[57],"which":[58],"bring":[59],"great":[60],"convenience":[61],"without":[65,224],"introducing":[66],"extra":[67],"burden.":[68],"However,":[69],"solutions":[72],"cannot":[73],"guarantee":[74,188],"confidentiality":[76,177],"generated":[79],"passwords":[80],"or":[81,202],"even":[82,203],"seeds":[84],"when":[85,98,130,196],"OS":[88,101,199,251],"is":[89,118,200,206,256],"compromised.":[90],"Moreover,":[91],"they":[92],"also":[93,187],"suffer":[94],"from":[95],"denial-of-service":[96],"attacks":[97],"crashes.":[102,204],"Hardware-based":[103],"tokens":[105,126,159,165],"can":[106,152,172],"solve":[107],"these":[108],"security":[109,162],"problems":[110],"in":[111],"solutions;":[115],"however,":[116],"it":[117],"inconvenient":[119],"for":[120,215],"carry":[124],"physical":[125],"them,":[128],"particularly,":[129],"there":[131],"more":[133],"than":[134],"one":[135],"token":[136],"be":[138],"carried.":[139],"In":[140],"this":[141],"paper,":[142],"we":[143],"present":[144],"TrustOTP,":[145],"secure":[147],"one-time":[148],"solution":[150],"achieve":[153],"both":[154],"flexibility":[156],"hardware":[164],"by":[166],"using":[167],"ARM":[168],"TrustZone":[169],"technology.":[170],"TrustOTP":[171,234,244],"not":[173],"only":[174],"protect":[175],"OTPs":[180],"against":[181],"malicious":[183],"OS,":[185],"but":[186],"reliable":[189],"generation":[191],"trusted":[193],"display":[195],"compromised":[201],"It":[205],"flexible":[207],"integrate":[209],"multiple":[210],"algorithms":[212],"instances":[214],"different":[216],"application":[217],"scenarios":[218],"same":[221],"smartphone":[222],"platform":[223],"modifying":[225],"OS.":[228],"We":[229],"develop":[230],"prototype":[232],"Freescale":[236],"i.MX53":[237],"QSB.":[238],"The":[239],"experimental":[240],"results":[241],"show":[242],"small":[246],"impacts":[247],"its":[253],"power":[254],"consumption":[255],"low.":[257]},"counts_by_year":[{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":12},{"year":2022,"cited_by_count":5},{"year":2021,"cited_by_count":5},{"year":2020,"cited_by_count":10},{"year":2019,"cited_by_count":14},{"year":2018,"cited_by_count":15},{"year":2017,"cited_by_count":14},{"year":2016,"cited_by_count":9}],"updated_date":"2026-03-17T09:09:15.849793","created_date":"2016-06-24T00:00:00"}