{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,2]],"date-time":"2025-06-02T06:40:09Z","timestamp":1748846409242,"version":"3.41.0"},"publisher-location":"Cham","reference-count":41,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319315164"},{"type":"electronic","value":"9783319315171"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-31517-1_15","type":"book-chapter","created":{"date-parts":[[2016,4,6]],"date-time":"2016-04-06T16:48:05Z","timestamp":1459961285000},"page":"285-303","source":"Crossref","is-referenced-by-count":2,"title":["Software-Only Two-Factor Authentication Secure Against Active Servers"],"prefix":"10.1007","author":[{"given":"Julien","family":"Bringer","sequence":"first","affiliation":[]},{"given":"Herv\u00e9","family":"Chabanne","sequence":"additional","affiliation":[]},{"given":"Roch","family":"Lescuyer","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,4,7]]},"reference":[{"key":"15_CR1","doi-asserted-by":"crossref","unstructured":"Bellare, M., Neven, G.: Multi-signatures in the plain public-key model and a general forking lemma. In: CCS 2006, pp. 390\u2013399. ACM (2006)","DOI":"10.1145\/1180405.1180453"},{"key":"15_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1007\/3-540-45539-6_11","volume-title":"Advances in Cryptology - EUROCRYPT 2000","author":"M Bellare","year":"2000","unstructured":"Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139\u2013155. Springer, Heidelberg (2000)"},{"key":"15_CR3","unstructured":"Bellovin, S.M., Merritt, M.: Encrypted key exchange: password-based protocols secure against dictionary attacks. In: SP 1992, pp. 72\u201384. IEEE (1992)"},{"key":"15_CR4","doi-asserted-by":"crossref","unstructured":"Bellovin, S.M., Merritt, M.: Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise. In: Computer and Communications Security (CCS 1993), pp. 244\u2013250. ACM (1993)","DOI":"10.1145\/168588.168618"},{"key":"15_CR5","unstructured":"Benhamouda, F., Pointcheval, D.: Verifier-based password-authenticated key exchange: new models and constructions. IACR ePrint Archive, 2013\/833 (2013)"},{"key":"15_CR6","doi-asserted-by":"crossref","unstructured":"Blazy, O., Chevalier, C., Vergnaud, D.: Mitigating server breaches in password-based authentication: secure and efficient solutions. In: CT-RSA 2016 (2016). to appear","DOI":"10.1007\/978-3-319-29485-8_1"},{"key":"15_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1007\/3-540-45539-6_12","volume-title":"Advances in Cryptology - EUROCRYPT 2000","author":"V Boyko","year":"2000","unstructured":"Boyko, V., MacKenzie, P.D., Patel, S.: Provably Secure password-authenticated key exchange using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156\u2013171. Springer, Heidelberg (2000)"},{"key":"15_CR8","doi-asserted-by":"crossref","unstructured":"Camenisch, J., Lehmann, A., Neven, G., Samelin, K.: Virtual smart cards: how to sign with a password and a server. IACR ePrint Archive, 2015\/1101 (2015)","DOI":"10.1007\/978-3-319-44618-9_19"},{"key":"15_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1007\/11818175_5","volume-title":"Advances in Cryptology - CRYPTO 2006","author":"M Chase","year":"2006","unstructured":"Chase, M., Lysyanskaya, A.: On signatures of knowledge. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 78\u201396. Springer, Heidelberg (2006)"},{"key":"15_CR10","unstructured":"Duo Security two-factor authentication. https:\/\/www.duosecurity.com\/"},{"key":"15_CR11","unstructured":"ECRYPT II NoE. Yearly report on algorithms and keysizes. D.SPA.20 Rev. 1.0, ICT-2007-216676 ECRYPT II, 09\/2012"},{"key":"15_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1007\/3-540-47721-7_12","volume-title":"Advances in Cryptology - CRYPTO \u201986","author":"A Fiat","year":"1987","unstructured":"Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186\u2013194. Springer, Heidelberg (1987)"},{"key":"15_CR13","unstructured":"Google Authenticator. http:\/\/code.google.com\/p\/google-authenticator\/"},{"key":"15_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1007\/3-540-39568-7_2","volume-title":"Advances in Cryptology: Proceedings of CRYPTO 84","author":"T El Gamal","year":"1985","unstructured":"El Gamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 10\u201318. Springer, Heidelberg (1985)"},{"key":"15_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"589","DOI":"10.1007\/978-3-540-78524-8_32","volume-title":"Theory of Cryptography","author":"R Gennaro","year":"2008","unstructured":"Gennaro, R.: Faster and shorter password-authenticated key exchange. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 589\u2013606. Springer, Heidelberg (2008)"},{"issue":"2","key":"15_CR16","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1145\/1151414.1151418","volume":"9","author":"R Gennaro","year":"2006","unstructured":"Gennaro, R., Lindell, Y.: A framework for password-based authenticated key exchange. ACM Trans. Inf. Syst. Secur. 9(2), 181\u2013234 (2006)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"issue":"2","key":"15_CR17","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1137\/0217017","volume":"17","author":"S Goldwasser","year":"1988","unstructured":"Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Comput. 17(2), 281\u2013308 (1988)","journal-title":"SIAM J. Comput."},{"key":"15_CR18","doi-asserted-by":"crossref","unstructured":"Groce, A., Katz, J.: A new framework for efficient password-based authenticated key exchange. In: CCS 2010, pp. 516\u2013525. ACM Press (2010)","DOI":"10.1145\/1866307.1866365"},{"key":"15_CR19","unstructured":"Celestix HotPin. http:\/\/www.celestixworks.com\/HOTPin.asp"},{"key":"15_CR20","unstructured":"IEEE P1363.2. Password-based public-key cryptography working group"},{"key":"15_CR21","doi-asserted-by":"crossref","unstructured":"Jablon, D.P.: Extended password key exchange protocols immune to dictionary attacks. In: WET-ICE 1997, pp. 248\u2013255. IEEE Computer Society (1997)","DOI":"10.1109\/ENABL.1997.630822"},{"key":"15_CR22","doi-asserted-by":"crossref","unstructured":"Jarecki, S., Krawczyk, H., Shirvanian, M.: Saxena device-enhanced password protocols with optimal online-offline protection. IACR Archive, 2015\/1099 (2015)","DOI":"10.1145\/2897845.2897880"},{"key":"15_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1007\/978-3-540-30564-4_19","volume-title":"Selected Areas in Cryptography","author":"S Jiang","year":"2004","unstructured":"Jiang, S., Gong, G.: Password based key exchange with mutual authentication. In: Handschuh, H., Hasan, M.A. (eds.) SAC 2004. LNCS, vol. 3357, pp. 267\u2013279. Springer, Heidelberg (2004)"},{"key":"15_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11496137_1","volume-title":"Applied Cryptography and Network Security","author":"J Katz","year":"2005","unstructured":"Katz, J., MacKenzie, P.D., Taban, G., Gligor, V.D.: Two-server password-only authenticated key exchange. In: Ioannidis, J., Keromytis, A.D., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 1\u201316. Springer, Heidelberg (2005)"},{"issue":"2","key":"15_CR25","doi-asserted-by":"publisher","first-page":"651","DOI":"10.1016\/j.jcss.2011.09.005","volume":"78","author":"J Katz","year":"2012","unstructured":"Katz, J., MacKenzie, P.D., Taban, G., Gligor, V.D.: Two-server password-only authenticated key exchange. J. Comput. Syst. Sci. 78(2), 651\u2013669 (2012)","journal-title":"J. Comput. Syst. Sci."},{"key":"15_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"475","DOI":"10.1007\/3-540-44987-6_29","volume-title":"Advances in Cryptology - EUROCRYPT 2001","author":"J Katz","year":"2001","unstructured":"Katz, J., Ostrovsky, R., Yung, M.: Efficient password-authenticated key exchange using human-memorable passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 475\u2013494. Springer, Heidelberg (2001)"},{"key":"15_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1007\/3-540-36413-7_3","volume-title":"Security in Communication Networks","author":"J Katz","year":"2003","unstructured":"Katz, J., Ostrovsky, R., Yung, M.: Forward secrecy in password-only key exchange protocols. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 29\u201344. Springer, Heidelberg (2003)"},{"issue":"1","key":"15_CR28","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1145\/1613676.1613679","volume":"57","author":"J Katz","year":"2009","unstructured":"Katz, J., Ostrovsky, R., Yung, M.: Efficient and secure authenticated key exchange using weak passwords. J. ACM 57(1), 78\u2013116 (2009)","journal-title":"J. ACM"},{"issue":"4","key":"15_CR29","doi-asserted-by":"publisher","first-page":"714","DOI":"10.1007\/s00145-012-9133-6","volume":"26","author":"J Katz","year":"2013","unstructured":"Katz, J., Vaikuntanathan, V.: Round-optimal password-based authenticated key exchange. J. Cryptol. 26(4), 714\u2013743 (2013)","journal-title":"J. Cryptol."},{"key":"15_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"295","DOI":"10.1007\/978-3-319-11212-1_17","volume-title":"Computer Security - ESORICS 2014","author":"F Kiefer","year":"2014","unstructured":"Kiefer, F., Manulis, M.: Zero-knowledge password policy checks and verifier-based PAKE. In: Kuty\u0142owski, M., Vaidya, J. (eds.) ICAIS 2014, Part II. LNCS, vol. 8713, pp. 295\u2013312. Springer, Heidelberg (2014)"},{"key":"15_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/BFb0028161","volume-title":"Security Protocols","author":"S Lucks","year":"1998","unstructured":"Lucks, S.: Open key exchange: how to defeat dictionary attacks without encrypting public keys. In: Christianson, B., Crispo, B., Lomas, M., Roe, M. (eds.) Security Protocols 1997. LNCS, vol. 1361. Springer, Heidelberg (1998)"},{"key":"15_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-44586-2_8","volume-title":"Public Key Cryptography","author":"T Okamoto","year":"2001","unstructured":"Okamoto, T., Pointcheval, D.: The Gap-problems: a new class of problems for the security of cryptographic schemes. In: Kim, K. (ed.) PKC 2001. LNCS, vol. 1992. Springer, Heidelberg (2001)"},{"key":"15_CR33","unstructured":"Microsoft PhoneFactor. https:\/\/www.phonefactor.com\/"},{"issue":"3","key":"15_CR34","doi-asserted-by":"publisher","first-page":"361","DOI":"10.1007\/s001450010003","volume":"13","author":"D Pointcheval","year":"2000","unstructured":"Pointcheval, D., Stern, J.: Security arguments for digital signatures and blind signatures. J. Cryptol. 13(3), 361\u2013396 (2000)","journal-title":"J. Cryptol."},{"issue":"3","key":"15_CR35","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1007\/BF00196725","volume":"4","author":"C Schnorr","year":"1991","unstructured":"Schnorr, C.: Efficient signature generation by smart cards. J. Cryptol. 4(3), 161\u2013174 (1991)","journal-title":"J. Cryptol."},{"key":"15_CR36","unstructured":"Scott, M.: Replacing username\/password with software-only two-factor authentication. IACR IACR ePrint Archive, 2012\/148 (2012)"},{"key":"15_CR37","doi-asserted-by":"crossref","unstructured":"Shirvanian, M., Jarecki, S., Saxena, N., Nathan, N.: Two-factor authentication resilient to server compromise using mix-bandwidth devices. In: Network and Distributed System Security - NDSS 2014. The Internet Society (2014)","DOI":"10.14722\/ndss.2014.23167"},{"issue":"3","key":"15_CR38","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1145\/206826.206834","volume":"29","author":"M Steiner","year":"1995","unstructured":"Steiner, M., Tsudik, G., Waidner, M.: Refinement and extension of encrypted key exchange. Oper. Syst. Rev. 29(3), 22\u201330 (1995)","journal-title":"Oper. Syst. Rev."},{"key":"15_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"244","DOI":"10.1007\/11596219_20","volume-title":"Progress in Cryptology - INDOCRYPT 2005","author":"DQ Viet","year":"2005","unstructured":"Viet, D.Q., Yamamura, A., Tanaka, H.: Anonymous password-based authenticated key exchange. In: Maitra, S., Veni Madhavan, C.E., Venkatesan, R. (eds.) INDOCRYPT 2005. LNCS, vol. 3797, pp. 244\u2013257. Springer, Heidelberg (2005)"},{"key":"15_CR40","unstructured":"Wu, T.D.: The secure remote password protocol. In: Network and Distributed System Security - NDSS 1998. The Internet Society (1998)"},{"key":"15_CR41","doi-asserted-by":"crossref","unstructured":"Yang, Y., Zhou, J., Weng, J., Bao, F.: A new approach for anonymous password authentication. In: ACSAC 2009, pp. 199\u2013208. IEEE Computer Society (2009)","DOI":"10.1109\/ACSAC.2009.26"}],"container-title":["Lecture Notes in Computer Science","Progress in Cryptology \u2013 AFRICACRYPT 2016"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-31517-1_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,2]],"date-time":"2025-06-02T06:09:43Z","timestamp":1748844583000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-31517-1_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319315164","9783319315171"],"references-count":41,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-31517-1_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2016]]}}}