User authentication remains a challenging issue, despite the existence of a large number of
proposed solutions, such as traditional text-based, graphical-based, biometrics-based, Web …

The newest contender for succeeding passwords as the incumbent web authentication
scheme is the FIDO2 standard. Jointly developed and backed by the FIDO Alliance and the …

Public key encryption with keyword search (PEKS) provides secure searchable data
encryption in cloud storage. Users can outsource encrypted data and keywords to a cloud …

The FIDO2 standard is a widely-used class of challenge-response type protocols that allows
to authenticate to an online service using a hardware token. Barbosa et al.(CRYPTO '21) …

We investigate existing “password+ hardware token”-based authentication schemes
deployed in real-world applications and observe that they are vulnerable to critical threats …

This paper presents a timing attack on the FIDO2 (Fast IDentity Online) authentication
protocol that allows attackers to link user accounts stored in vulnerable authenticators, a …

The FIDO2 protocol aims to strengthen or replace password authentication using public-key
cryptography. FIDO2 has primarily focused on defending against attacks from afar by remote …

Notary is a new hardware and software architecture for running isolated approval agents in
the form factor of a USB stick with a small display and buttons. Approval agents allow …

The final responsibility to verify whether a newly purchased hardware security token (HST) is
authentic and unmodified lies with the end user. However, recently reported attacks on such …

We study Multi-party computation (MPC) in the setting of subversion, where the adversary
tampers with the machines of honest parties. Our goal is to construct actively secure MPC …