{"id":"https://openalex.org/W3082594886","doi":"https://doi.org/10.1155/2020/8819790","title":"Authenticator Rebinding Attack of the UAF Protocol on Mobile Devices","display_name":"Authenticator Rebinding Attack of the UAF Protocol on Mobile Devices","publication_year":2020,"publication_date":"2020-09-01","ids":{"openalex":"https://openalex.org/W3082594886","doi":"https://doi.org/10.1155/2020/8819790","mag":"3082594886"},"language":"en","primary_location":{"id":"doi:10.1155/2020/8819790","is_oa":true,"landing_page_url":"https://doi.org/10.1155/2020/8819790","pdf_url":"https://downloads.hindawi.com/journals/wcmc/2020/8819790.pdf","source":{"id":"https://openalex.org/S235346","display_name":"Wireless Communications and Mobile Computing","issn_l":"1530-8669","issn":["1530-8669","1530-8677"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320595","host_organization_name":"Wiley","host_organization_lineage":["https://openalex.org/P4310320595"],"host_organization_lineage_names":["Wiley"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Wireless Communications and Mobile Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://downloads.hindawi.com/journals/wcmc/2020/8819790.pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101798142","display_name":"Hui Li","orcid":"https://orcid.org/0000-0003-3629-0233"},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":true,"raw_author_name":"Hui Li","raw_affiliation_strings":["School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China"],"raw_orcid":"https://orcid.org/0000-0003-3629-0233","affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China","institution_ids":["https://openalex.org/I139759216"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5054067422","display_name":"Xuesong Pan","orcid":"https://orcid.org/0000-0001-7658-483X"},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xuesong Pan","raw_affiliation_strings":["School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China"],"raw_orcid":"https://orcid.org/0000-0001-7658-483X","affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China","institution_ids":["https://openalex.org/I139759216"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5089628083","display_name":"Xinluo Wang","orcid":null},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xinluo Wang","raw_affiliation_strings":["School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China","institution_ids":["https://openalex.org/I139759216"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5056537907","display_name":"Haonan Feng","orcid":"https://orcid.org/0009-0002-0140-8342"},"institutions":[{"id":"https://openalex.org/I139759216","display_name":"Beijing University of Posts and Telecommunications","ror":"https://ror.org/04w9fbh59","country_code":"CN","type":"education","lineage":["https://openalex.org/I139759216"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Haonan Feng","raw_affiliation_strings":["School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China","institution_ids":["https://openalex.org/I139759216"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5010430827","display_name":"Chengjie Shi","orcid":null},"institutions":[{"id":"https://openalex.org/I19820366","display_name":"Chinese Academy of Sciences","ror":"https://ror.org/034t30j35","country_code":"CN","type":"government","lineage":["https://openalex.org/I19820366"]},{"id":"https://openalex.org/I4210156404","display_name":"Institute of Information Engineering","ror":"https://ror.org/04r53se39","country_code":"CN","type":"facility","lineage":["https://openalex.org/I19820366","https://openalex.org/I4210156404"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Chengjie Shi","raw_affiliation_strings":["Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100195, China"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100195, China","institution_ids":["https://openalex.org/I4210156404","https://openalex.org/I19820366"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5101798142"],"corresponding_institution_ids":["https://openalex.org/I139759216"],"apc_list":{"value":2300,"currency":"USD","value_usd":2300},"apc_paid":{"value":2300,"currency":"USD","value_usd":2300},"fwci":0.3239,"has_fulltext":true,"cited_by_count":4,"citation_normalized_percentile":{"value":0.62835788,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":95},"biblio":{"volume":"2020","issue":null,"first_page":"1","last_page":"14"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9884999990463257,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9884999990463257,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9829999804496765,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9825000166893005,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8202230930328369},{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.7400527000427246},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5804802179336548},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.5004267692565918},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.4879097640514374},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.47981977462768555},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.42984652519226074},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1692430078983307},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.043557822704315186}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8202230930328369},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.7400527000427246},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5804802179336548},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.5004267692565918},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.4879097640514374},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.47981977462768555},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.42984652519226074},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1692430078983307},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.043557822704315186},{"id":"https://openalex.org/C204787440","wikidata":"https://www.wikidata.org/wiki/Q188504","display_name":"Alternative medicine","level":2,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1155/2020/8819790","is_oa":true,"landing_page_url":"https://doi.org/10.1155/2020/8819790","pdf_url":"https://downloads.hindawi.com/journals/wcmc/2020/8819790.pdf","source":{"id":"https://openalex.org/S235346","display_name":"Wireless Communications and Mobile Computing","issn_l":"1530-8669","issn":["1530-8669","1530-8677"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320595","host_organization_name":"Wiley","host_organization_lineage":["https://openalex.org/P4310320595"],"host_organization_lineage_names":["Wiley"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Wireless Communications and Mobile Computing","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:98237a1334c54987b7809f8f2b707ef4","is_oa":false,"landing_page_url":"https://doaj.org/article/98237a1334c54987b7809f8f2b707ef4","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Wireless Communications and Mobile Computing, Vol 2020 (2020)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1155/2020/8819790","is_oa":true,"landing_page_url":"https://doi.org/10.1155/2020/8819790","pdf_url":"https://downloads.hindawi.com/journals/wcmc/2020/8819790.pdf","source":{"id":"https://openalex.org/S235346","display_name":"Wireless Communications and Mobile Computing","issn_l":"1530-8669","issn":["1530-8669","1530-8677"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320595","host_organization_name":"Wiley","host_organization_lineage":["https://openalex.org/P4310320595"],"host_organization_lineage_names":["Wiley"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Wireless Communications and Mobile Computing","raw_type":"journal-article"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.7400000095367432}],"awards":[],"funders":[{"id":"https://openalex.org/F4320329860","display_name":"National Science and Technology Major Project","ror":null}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3082594886.pdf","grobid_xml":"https://content.openalex.org/works/W3082594886.grobid-xml"},"referenced_works_count":1,"referenced_works":["https://openalex.org/W2607361454"],"related_works":["https://openalex.org/W4386482731","https://openalex.org/W4385302085","https://openalex.org/W2360429410","https://openalex.org/W2765763546","https://openalex.org/W4256682929","https://openalex.org/W335511927","https://openalex.org/W4239662759","https://openalex.org/W2471811227","https://openalex.org/W2217591390","https://openalex.org/W3184927673"],"abstract_inverted_index":{"We":[0,144],"present":[1],"a":[2],"novel":[3],"attack":[4,110,125],"named":[5],"\u201cAuthenticator":[6],"Rebinding":[7,29,102,156],"Attack,\u201d":[8],"which":[9],"aims":[10],"at":[11],"the":[12,32,36,41,47,50,54,58,66,85,88,93,97,100,112,123,129,136,147,151,164],"Fast":[13],"IDentity":[14],"Online":[15],"(FIDO)":[16],"Universal":[17],"Authentication":[18],"Framework":[19],"(UAF)":[20],"protocol":[21,60,90,138],"implemented":[22],"on":[23,111,163],"mobile":[24],"devices.":[25],"The":[26,77],"presented":[27],"Authenticator":[28,101,155],"Attack":[30,157],"rebinds":[31],"victim\u2019s":[33,42],"identity":[34],"to":[35,56,68,99,141],"attacker\u2019s":[37],"authenticator":[38,43],"rather":[39],"than":[40],"being":[44],"verified":[45],"by":[46,64,154],"service":[48],"in":[49,84,92,128],"UAF":[51,59,89,137,162],"protocol,":[52],"allowing":[53],"attacker":[55],"bypass":[57],"local":[61],"authentication":[62,81],"mechanism":[63],"imitating":[65],"victim":[67],"perform":[69],"sensitive":[70],"operations":[71],"such":[72,142],"as":[73],"transfer":[74],"and":[75,115,132],"payment.":[76],"lack":[78],"of":[79,87],"effective":[80],"between":[82],"entities":[83],"implementations":[86],"used":[91],"actual":[94,130],"system":[95,131],"causes":[96],"vulnerability":[98],"Attack.":[103],"In":[104],"this":[105,109],"paper,":[106],"we":[107],"implement":[108],"Android":[113,133,165],"platform":[114],"evaluate":[116],"its":[117],"implementability,":[118],"where":[119],"results":[120],"show":[121],"that":[122],"proposed":[124],"is":[126],"implementable":[127],"applications":[134],"using":[135],"are":[139],"prone":[140],"attack.":[143],"also":[145],"discuss":[146],"possible":[148],"countermeasures":[149],"against":[150],"threats":[152],"posed":[153],"for":[158],"different":[159],"stakeholders":[160],"implementing":[161],"platform.":[166]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2021,"cited_by_count":2}],"updated_date":"2026-05-06T08:25:59.206177","created_date":"2025-10-10T00:00:00"}