{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,21]],"date-time":"2026-01-21T05:18:11Z","timestamp":1768972691151,"version":"3.49.0"},"publisher-location":"Berlin, Heidelberg","reference-count":36,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540773658","type":"print"},{"value":"9783540773665","type":"electronic"}],"license":[{"start":{"date-parts":[[2007,1,1]],"date-time":"2007-01-01T00:00:00Z","timestamp":1167609600000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2007]]},"DOI":"10.1007\/978-3-540-77366-5_11","type":"book-chapter","created":{"date-parts":[[2007,12,20]],"date-time":"2007-12-20T08:07:48Z","timestamp":1198138068000},"page":"88-103","source":"Crossref","is-referenced-by-count":55,"title":["Using a Personal Device to Strengthen Password Authentication from an Untrusted Computer"],"prefix":"10.1007","author":[{"given":"Mohammad","family":"Mannan","sequence":"first","affiliation":[]},{"given":"P. C.","family":"van Oorschot","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"11_CR1","unstructured":"Anti-Phishing Working Group: Phishing Activity Trends Report (July 2006)"},{"key":"11_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/11513988_27","volume-title":"Computer Aided Verification","author":"Armando","year":"2005","unstructured":"Armando et al.: The AVISPA tool for the automated validation of Internet security protocols and applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol.\u00a03576, Springer, Heidelberg (2005), http:\/\/www.avispa-project.org"},{"key":"11_CR3","unstructured":"Balfanz, D., Felten, E.: Hand-held computers can be better smart cards. In: USENIX Security (1999)"},{"key":"11_CR4","unstructured":"Bond, M.: Phantom withdrawals: On-line resources for victims of ATM fraud, http:\/\/www.phantomwithdrawals.com"},{"key":"11_CR5","unstructured":"CA Virus Information Center: Win32.Grams.I (February 2005)"},{"key":"11_CR6","unstructured":"Chiasson, S., van Oorschot, P., Biddle, R.: A usability study and critique of two password managers. In: USENIX Security (2006)"},{"key":"11_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"114","DOI":"10.1007\/3-540-45866-2_10","volume-title":"Pervasive Computing","author":"Clarke","year":"2002","unstructured":"Clarke, et al.: The untrusted computer problem and camera-based authentication. In: Mattern, F., Naghshineh, M. (eds.) Pervasive Computing. LNCS, vol.\u00a02414, pp. 114\u2013124. Springer, Heidelberg (2002)"},{"key":"11_CR8","unstructured":"F-Secure. F-Secure virus descriptions: Cabir (June 2004)"},{"key":"11_CR9","unstructured":"F-Secure. F-Secure trojan information pages: Redbrowser.A, (March 2006)"},{"key":"11_CR10","unstructured":"Felten, E.W., Balfanz, D., Dean, D., Wallach, D.S.: Web spoofing: An Internet con game. In: National Information Systems Security Conference (October 1997)"},{"key":"11_CR11","unstructured":"Gostev, A., Shevchenko, A.: Kaspersky security bulletin, January - June 2006: Malicious programs for mobile devices (September 2006), http:\/\/www.viruslist.com"},{"key":"11_CR12","doi-asserted-by":"crossref","unstructured":"Haller, N.: The S\/KEY one-time password system. RFC 1760 (February 1995)","DOI":"10.17487\/rfc1760"},{"key":"11_CR13","unstructured":"Heiser, G.: Secure embedded systems need microkernels. login (December 2005)"},{"key":"11_CR14","unstructured":"ICANN Security and Stability Advisory Committee: Domain name hijacking: Incidents, threats, risks, and remedial actions (July 2005), http:\/\/www.icann.org"},{"key":"11_CR15","unstructured":"Jackson, C., Boneh, D., Mitchell, J.: Spyware resistant web authentication using virtual machines, http:\/\/crypto.stanford.edu\/spyblock"},{"key":"11_CR16","doi-asserted-by":"crossref","unstructured":"King, et al.: SubVirt: Implementing malware with virtual machines. In: IEEE Symposium on Security and Privacy (May 2006)","DOI":"10.1109\/SP.2006.38"},{"key":"11_CR17","unstructured":"Mannan, M., van Oorschot, P.C.: AVISPA test code for Mobile Password Authentication (MP-Auth), http:\/\/www.scs.carleton.ca\/~mmannan\/mpauth"},{"key":"11_CR18","doi-asserted-by":"crossref","unstructured":"Mannan, M., van Oorschot, P.C.: Using a personal device to strengthen password authentication from an untrusted computer, Technical Report TR-07-11 (2007), http:\/\/www.scs.carleton.ca\/research\/tech_reports\/","DOI":"10.1007\/978-3-540-77366-5_11"},{"key":"11_CR19","unstructured":"Margolin, N.B., Wright, M.K., Levine, B.N.: Guardian: A framework for privacy control in untrusted environments. Technical Report 04-37 (University of Massachusetts, Amherst) (June 2004)"},{"key":"11_CR20","unstructured":"McCune, J.M., Perrig, A., Reiter, M.K.: Bump in the Ether: A framework for securing sensitive user input. In: USENIX Annual Technical Conference (2006)"},{"key":"11_CR21","doi-asserted-by":"crossref","unstructured":"McCune et al.: Seeing-is-believing: Using camera phones for human-verifiable authentication. In: IEEE Symposium on Security and Privacy (2005)","DOI":"10.1109\/SP.2005.19"},{"key":"11_CR22","unstructured":"Milletary, J.: Technical trends in phishing attacks. US-CERT, Reading room article, http:\/\/www.us-cert.gov\/reading_room\/phishing_trends0511.pdf"},{"key":"11_CR23","unstructured":"Mobile Antivirus Researchers Association: Analyzing the crossover virus: The first PC to Windows handheld cross-infector (2006), http:\/\/www.informit.com"},{"key":"11_CR24","unstructured":"Mobile Phone Work Group (MPWG): TCG mobile trusted module specification, Draft, version 0.9 (September 2006)"},{"key":"11_CR25","unstructured":"Moshchuk, A., Bragin, T., Gribble, S.D., Levy, H.: A crawler-based study of spyware in the web. In: Network and Distributed System Security (NDSS) (2006)"},{"key":"11_CR26","series-title":"Lecture Notes in Computer Science","volume-title":"Advances in Computer Systems Architecture","author":"A. Oprea","year":"2004","unstructured":"Oprea, A., Balfanz, D., Durfee, G., Smetters, D.: Securing a remote terminal application with a mobile trusted device. In: Yew, P.-C., Xue, J. (eds.) ACSAC 2004. LNCS, vol.\u00a03189, Springer, Heidelberg (2004)"},{"key":"11_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/11889663_1","volume-title":"Financial Cryptography and Data Security","author":"B. Parno","year":"2006","unstructured":"Parno, B., Kuo, C., Perrig, A.: Phoolproof phishing prevention. In: Di Crescenzo, G., Rubin, A. (eds.) FC 2006. LNCS, vol.\u00a04107, Springer, Heidelberg (2006)"},{"key":"11_CR28","unstructured":"Perrig, A., Song, D.: Hash visualization: A new technique to improve real-world security. In: Cryptographic Techniques and E-Commerce (CrypTEC) (July 1999)"},{"key":"11_CR29","unstructured":"Ross, B., Jackson, C., Miyake, N., Boneh, D., Mitchell, J.: Stronger password authentication using browser extensions. In: USENIX Security (2005)"},{"key":"11_CR30","unstructured":"Rutkowska, J.: Introducing Blue Pill, Presented at SyScan (2006), http:\/\/theinvisiblethings.blogspot.com\/2006\/06\/introducing-blue-pill.html"},{"key":"11_CR31","unstructured":"Stefan Berger, R.C., Goldman, K.A., Perez, R., Sailer, R., van Doorn, L.: vTPM: Virtualizing the trusted platform module. In: USENIX Security (2006)"},{"key":"11_CR32","unstructured":"Trend Micro: Mobile security, http:\/\/www.trendmicro.com\/en\/products\/mobile\/tmms\/evaluate\/overview.htm"},{"key":"11_CR33","unstructured":"Tuch, H., Klein, G., Heiser, G.: OS verification \u2014 now! In: Hot Topics in Operating Systems (June 2005)"},{"key":"11_CR34","doi-asserted-by":"crossref","unstructured":"van Oorschot, P.C.: Message authentication by integrity with public corroboration. In: New Security Paradigms Workshop (NSPW) (September 2005)","DOI":"10.1145\/1146269.1146283"},{"key":"11_CR35","unstructured":"Wu, M., Garfinkel, S., Miller, R.: Secure web authentication with mobile phones. In: DIMACS Workshop on Usable Privacy and Security Systems (July 2004)"},{"key":"11_CR36","doi-asserted-by":"crossref","unstructured":"Ye, Z.E., Smith, S., Anthony, D.: Trusted paths for browsers. ACM Transactions on Information and System Security (TISSEC)\u00a08(2) (2005)","DOI":"10.1145\/1065545.1065546"}],"container-title":["Lecture Notes in Computer Science","Financial Cryptography and Data Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-77366-5_11","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,5]],"date-time":"2019-05-05T23:57:50Z","timestamp":1557100670000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-77366-5_11"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2007]]},"ISBN":["9783540773658","9783540773665"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-77366-5_11","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2007]]}}}