{"id":"https://openalex.org/W2752178278","doi":"https://doi.org/10.1145/3133956.3133989","title":"T/Key","display_name":"T/Key","publication_year":2017,"publication_date":"2017-10-27","ids":{"openalex":"https://openalex.org/W2752178278","doi":"https://doi.org/10.1145/3133956.3133989","mag":"2752178278"},"language":"en","primary_location":{"id":"doi:10.1145/3133956.3133989","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3133956.3133989","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=3133989&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"http://dl.acm.org/ft_gateway.cfm?id=3133989&type=pdf","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5029494825","display_name":"Dmitry Kogan","orcid":null},"institutions":[{"id":"https://openalex.org/I97018004","display_name":"Stanford University","ror":"https://ror.org/00f54p054","country_code":"US","type":"education","lineage":["https://openalex.org/I97018004"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Dmitry Kogan","raw_affiliation_strings":["Stanford University, Stanford, CA, USA"],"affiliations":[{"raw_affiliation_string":"Stanford University, Stanford, CA, USA","institution_ids":["https://openalex.org/I97018004"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000492176","display_name":"Nathan Manohar","orcid":null},"institutions":[{"id":"https://openalex.org/I97018004","display_name":"Stanford University","ror":"https://ror.org/00f54p054","country_code":"US","type":"education","lineage":["https://openalex.org/I97018004"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Nathan Manohar","raw_affiliation_strings":["Stanford University, Stanford, CA, USA"],"affiliations":[{"raw_affiliation_string":"Stanford University, Stanford, CA, USA","institution_ids":["https://openalex.org/I97018004"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5027798962","display_name":"Dan Boneh","orcid":"https://orcid.org/0000-0003-0820-0421"},"institutions":[{"id":"https://openalex.org/I97018004","display_name":"Stanford University","ror":"https://ror.org/00f54p054","country_code":"US","type":"education","lineage":["https://openalex.org/I97018004"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Dan Boneh","raw_affiliation_strings":["Stanford University, Stanford, CA, USA"],"affiliations":[{"raw_affiliation_string":"Stanford University, Stanford, CA, USA","institution_ids":["https://openalex.org/I97018004"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5029494825"],"corresponding_institution_ids":["https://openalex.org/I97018004"],"apc_list":null,"apc_paid":null,"fwci":8.0718,"has_fulltext":true,"cited_by_count":40,"citation_normalized_percentile":{"value":0.97516123,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"983","last_page":"999"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10828","display_name":"Biometric Identification and Security","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8402481079101562},{"id":"https://openalex.org/keywords/password","display_name":"Password","score":0.7214615345001221},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.6641734838485718},{"id":"https://openalex.org/keywords/hash-function","display_name":"Hash function","score":0.6533701419830322},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4960819184780121},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.4851999580860138},{"id":"https://openalex.org/keywords/hash-chain","display_name":"Hash chain","score":0.456808477640152},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.4175497889518738},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2580699324607849}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8402481079101562},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.7214615345001221},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.6641734838485718},{"id":"https://openalex.org/C99138194","wikidata":"https://www.wikidata.org/wiki/Q183427","display_name":"Hash function","level":2,"score":0.6533701419830322},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4960819184780121},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.4851999580860138},{"id":"https://openalex.org/C135783594","wikidata":"https://www.wikidata.org/wiki/Q5678864","display_name":"Hash chain","level":3,"score":0.456808477640152},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.4175497889518738},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2580699324607849}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3133956.3133989","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3133956.3133989","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=3133989&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3133956.3133989","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3133956.3133989","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=3133989&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320306164","display_name":"Simons Foundation","ror":"https://ror.org/01cmst727"},{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"},{"id":"https://openalex.org/F4320337345","display_name":"Office of Naval Research","ror":"https://ror.org/00rk2pe57"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2752178278.pdf","grobid_xml":"https://content.openalex.org/works/W2752178278.grobid-xml"},"referenced_works_count":41,"referenced_works":["https://openalex.org/W1480557029","https://openalex.org/W1518712071","https://openalex.org/W1549671385","https://openalex.org/W1575543897","https://openalex.org/W1575640061","https://openalex.org/W1826530159","https://openalex.org/W1971070826","https://openalex.org/W1976927620","https://openalex.org/W1989085188","https://openalex.org/W2013613544","https://openalex.org/W2014239329","https://openalex.org/W2014833947","https://openalex.org/W2020306457","https://openalex.org/W2023685621","https://openalex.org/W2030112111","https://openalex.org/W2037107113","https://openalex.org/W2052267638","https://openalex.org/W2088097115","https://openalex.org/W2096938398","https://openalex.org/W2111303254","https://openalex.org/W2113446256","https://openalex.org/W2131994112","https://openalex.org/W2138644571","https://openalex.org/W2140464265","https://openalex.org/W2141052457","https://openalex.org/W2147483269","https://openalex.org/W2149929743","https://openalex.org/W2155589547","https://openalex.org/W2159460804","https://openalex.org/W2166980335","https://openalex.org/W2226303357","https://openalex.org/W2396697587","https://openalex.org/W2400450849","https://openalex.org/W2522715116","https://openalex.org/W2546529774","https://openalex.org/W2591694482","https://openalex.org/W2598805891","https://openalex.org/W2887959728","https://openalex.org/W2950650006","https://openalex.org/W2982562162","https://openalex.org/W4285719527"],"related_works":["https://openalex.org/W2383706615","https://openalex.org/W2069568684","https://openalex.org/W2154676777","https://openalex.org/W4200497776","https://openalex.org/W2982222368","https://openalex.org/W2379589344","https://openalex.org/W2103058157","https://openalex.org/W2355953790","https://openalex.org/W1570074286","https://openalex.org/W3151879525"],"abstract_inverted_index":{"Time-based":[0],"one-time":[1,42,165],"password":[2,43],"(TOTP)":[3],"systems":[4],"in":[5,34,63,115,151,175],"use":[6],"today":[7],"require":[8],"storing":[9],"secrets":[10,48],"on":[11,23,49,122,127],"both":[12],"the":[13,16,24,35,50,55,61,72,83,96,112,123,152,170],"client":[14],"and":[15,59,69,147],"server.":[17,51],"As":[18],"a":[19,40,66,78,106,116,141,155],"result,":[20],"an":[21,133],"attack":[22],"server":[25],"can":[26,137],"expose":[27],"all":[28,32],"second":[29],"factors":[30],"for":[31,109,143],"users":[33],"system.":[36],"We":[37,125],"present":[38],"T/Key,":[39],"time-based":[41],"system":[44,58,67],"that":[45,164],"requires":[46],"no":[47],"Our":[52],"work":[53],"modernizes":[54],"classic":[56],"S/Key":[57],"addresses":[60],"challenges":[62],"making":[64],"such":[65],"secure":[68,150],"practical.":[70],"At":[71],"heart":[73],"of":[74,85,90,98,130,154],"our":[75,128],"construction":[76],"is":[77,163],"new":[79],"lower":[80],"bound":[81],"analyzing":[82],"hardness":[84],"inverting":[86],"hash":[87,117],"chains":[88],"composed":[89],"independent":[91],"random":[92],"functions,":[93],"which":[94],"formalizes":[95],"security":[97],"this":[99],"widely":[100],"used":[101,139,174],"primitive.":[102],"Additionally,":[103],"we":[104],"develop":[105],"near-optimal":[107],"algorithm":[108],"quickly":[110],"generating":[111],"required":[113],"elements":[114],"chain":[118],"with":[119,161],"little":[120],"memory":[121],"client.":[124],"report":[126],"implementation":[129],"T/Key":[131,136],"as":[132,140,160],"Android":[134],"application.":[135],"be":[138],"replacement":[142],"current":[144],"TOTP":[145],"systems,":[146],"it":[148],"remains":[149],"event":[153],"server-side":[156],"compromise.":[157],"The":[158],"cost,":[159],"S/Key,":[162],"passwords":[166],"are":[167],"longer":[168],"than":[169],"standard":[171],"six":[172],"characters":[173],"TOTP.":[176]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":7},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":6},{"year":2020,"cited_by_count":5},{"year":2019,"cited_by_count":7},{"year":2018,"cited_by_count":4}],"updated_date":"2026-03-17T09:09:15.849793","created_date":"2017-09-15T00:00:00"}