{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,10]],"date-time":"2026-01-10T18:36:26Z","timestamp":1768070186500,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":30,"publisher":"ACM","license":[{"start":{"date-parts":[[2012,10,16]],"date-time":"2012-10-16T00:00:00Z","timestamp":1350345600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2012,10,16]]},"DOI":"10.1145\/2382196.2382240","type":"proceedings-article","created":{"date-parts":[[2012,10,15]],"date-time":"2012-10-15T17:13:12Z","timestamp":1350321192000},"page":"404-414","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":62,"title":["Strengthening user authentication through opportunistic cryptographic identity assertions"],"prefix":"10.1145","author":[{"given":"Alexei","family":"Czeskis","sequence":"first","affiliation":[{"name":"University of Washington, Seattle, WA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Michael","family":"Dietz","sequence":"additional","affiliation":[{"name":"Rice University, Houston, TX, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tadayoshi","family":"Kohno","sequence":"additional","affiliation":[{"name":"University of Washington, Seattle, WA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dan","family":"Wallach","sequence":"additional","affiliation":[{"name":"Rice University, Houston, TX, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dirk","family":"Balfanz","sequence":"additional","affiliation":[{"name":"Google, Mountain View, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2012,10,16]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Android Cloud to Device Messaging Framework 2012. https:\/\/developers.google.com\/android\/c2dm\/.  Android Cloud to Device Messaging Framework 2012. https:\/\/developers.google.com\/android\/c2dm\/."},{"key":"e_1_3_2_1_2_1","unstructured":"BrowserID - Quick Setup 2012. https:\/\/developer.mozilla.org\/en\/BrowserID\/Quick_Setup.  BrowserID - Quick Setup 2012. https:\/\/developer.mozilla.org\/en\/BrowserID\/Quick_Setup."},{"key":"e_1_3_2_1_3_1","unstructured":"Core Concepts - Authentication 2012. https:\/\/developers.facebook.com\/docs\/authentication\/.  Core Concepts - Authentication 2012. https:\/\/developers.facebook.com\/docs\/authentication\/."},{"key":"e_1_3_2_1_4_1","volume-title":"Measuring password re-use empirically","author":"Bonneau J.","year":"2011","unstructured":"J. Bonneau . Measuring password re-use empirically , 2011 . http:\/\/www.lightbluetouchpaper.org\/2011\/02\/09\/measuring-password-re-use-empirically\/. J. Bonneau. Measuring password re-use empirically, 2011. http:\/\/www.lightbluetouchpaper.org\/2011\/02\/09\/measuring-password-re-use-empirically\/."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.44"},{"key":"e_1_3_2_1_6_1","volume-title":"Gawker media is compromised. the responsible parties reach out to tnw {updated}","author":"Brian M.","year":"2010","unstructured":"M. Brian . Gawker media is compromised. the responsible parties reach out to tnw {updated} , 2010 . http:\/\/goo.gl\/0SvCj. M. Brian. Gawker media is compromised. the responsible parties reach out to tnw {updated}, 2010. http:\/\/goo.gl\/0SvCj."},{"key":"e_1_3_2_1_7_1","unstructured":"D. Chappell. Introducing windows cardspace. http:\/\/msdn.microsoft.com\/en-us\/library\/aa480189.aspx April 2006.  D. Chappell. Introducing windows cardspace. http:\/\/msdn.microsoft.com\/en-us\/library\/aa480189.aspx April 2006."},{"key":"e_1_3_2_1_8_1","volume-title":"Proceedings of the 15th conference on USENIX Security Symposium -","volume":"15","author":"Chiasson S.","year":"2006","unstructured":"S. Chiasson , P. C. van Oorschot , and R. Biddle . A usability study and critique of two password managers . In Proceedings of the 15th conference on USENIX Security Symposium - Volume 15 , USENIX-SS'06, Berkeley, CA, USA , 2006 . USENIX Association. S. Chiasson, P. C. van Oorschot, and R. Biddle. A usability study and critique of two password managers. In Proceedings of the 15th conference on USENIX Security Symposium - Volume 15, USENIX-SS'06, Berkeley, CA, USA, 2006. USENIX Association."},{"key":"e_1_3_2_1_9_1","volume-title":"official figures reveal","author":"Cluley G.","year":"2011","unstructured":"G. Cluley . 600,000+ compromised account logins every day on Facebook , official figures reveal , 2011 . http:\/\/nakedsecurity.sophos.com\/2011\/10\/28\/compromised-facebook-account-logins\/. G. Cluley. 600,000+ compromised account logins every day on Facebook, official figures reveal, 2011. http:\/\/nakedsecurity.sophos.com\/2011\/10\/28\/compromised-facebook-account-logins\/."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-34638-5_4"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"crossref","unstructured":"T. Dierks and C. Allen. The TLS protocol version 1.0. http:\/\/tools.ietf.org\/html\/rfc2246 Jan 1999.   T. Dierks and C. Allen. The TLS protocol version 1.0. http:\/\/tools.ietf.org\/html\/rfc2246 Jan 1999.","DOI":"10.17487\/rfc2246"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"crossref","unstructured":"T. Dierks and E. Rescorla. The transport layer security (TLS) protocol version 1.2. http:\/\/tools.ietf.org\/html\/rfc5246 Aug 2008.  T. Dierks and E. Rescorla. The transport layer security (TLS) protocol version 1.2. http:\/\/tools.ietf.org\/html\/rfc5246 Aug 2008.","DOI":"10.17487\/rfc5246"},{"key":"e_1_3_2_1_13_1","volume-title":"Proc. 21st USENIX Security Symposium","author":"Dietz M.","year":"2012","unstructured":"M. Dietz , A. Czeskis , D. Wallach , and D. Balfanz . Origin-bound certificates: A fresh approach to strong client authentication for the web . In Proc. 21st USENIX Security Symposium , 2012 . Preprint obtained from authors. M. Dietz, A. Czeskis, D. Wallach, and D. Balfanz. Origin-bound certificates: A fresh approach to strong client authentication for the web. In Proc. 21st USENIX Security Symposium, 2012. Preprint obtained from authors."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1143120.1143127"},{"key":"e_1_3_2_1_15_1","volume-title":"Gmail account security in Iran","author":"Grosse E.","year":"2011","unstructured":"E. Grosse . Gmail account security in Iran , 2011 . http:\/\/googleonlinesecurity.blogspot.com\/2011\/09\/gmail-account-security-in-iran.html. E. Grosse. Gmail account security in Iran, 2011. http:\/\/googleonlinesecurity.blogspot.com\/2011\/09\/gmail-account-security-in-iran.html."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1060745.1060815"},{"key":"e_1_3_2_1_17_1","volume-title":"Protecting data for the long term with forward secrecy","author":"Langley A.","year":"2011","unstructured":"A. Langley . Protecting data for the long term with forward secrecy , 2011 . http:\/\/goo.gl\/YMpXy. A. Langley. Protecting data for the long term with forward secrecy, 2011. http:\/\/goo.gl\/YMpXy."},{"key":"e_1_3_2_1_18_1","volume-title":"Location-aware browsing","year":"2012","unstructured":"Mozilla. Location-aware browsing , 2012 . http:\/\/www.mozilla.org\/en-US\/firefox\/geolocation\/. Mozilla. Location-aware browsing, 2012. http:\/\/www.mozilla.org\/en-US\/firefox\/geolocation\/."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2006.03.004"},{"key":"e_1_3_2_1_20_1","volume-title":"Certificate Pinning via HSTS","author":"Palmer C.","year":"2011","unstructured":"C. Palmer and C. Evans . Certificate Pinning via HSTS , 2011 . http:\/\/www.ietf.org\/mail-archive\/web\/websec\/current\/msg00505.html. C. Palmer and C. Evans. Certificate Pinning via HSTS, 2011. http:\/\/www.ietf.org\/mail-archive\/web\/websec\/current\/msg00505.html."},{"key":"e_1_3_2_1_21_1","volume-title":"Interim report diginotar certificate authority breach \"operation black tulip\". Technical report","author":"Prins J.","year":"2011","unstructured":"J. Prins . Interim report diginotar certificate authority breach \"operation black tulip\". Technical report , 2011 . http:\/\/www.rijksoverheid.nl\/bestanden\/documenten-en-publicaties\/rapporten\/2011\/09\/05\/diginotar-public-report-version-1\/rapport-fox-it-operation-black-tulip-v1-0.pdf. J. Prins. Interim report diginotar certificate authority breach \"operation black tulip\". Technical report, 2011. http:\/\/www.rijksoverheid.nl\/bestanden\/documenten-en-publicaties\/rapporten\/2011\/09\/05\/diginotar-public-report-version-1\/rapport-fox-it-operation-black-tulip-v1-0.pdf."},{"key":"e_1_3_2_1_22_1","unstructured":"D. Recordon and B. Fitzpatrick. OpenID authentication 1.1. http:\/\/openid.net\/specs\/openid-authentication-1_1.html May 2008.  D. Recordon and B. Fitzpatrick. OpenID authentication 1.1. http:\/\/openid.net\/specs\/openid-authentication-1_1.html May 2008."},{"key":"e_1_3_2_1_23_1","volume-title":"Proceedings of the 14th Usenix Security Symposium","author":"Ross B.","year":"2005","unstructured":"B. Ross , C. Jackson , N. Miyake , D. Boneh , and J. Mitchell . Stronger password authentication using browser extensions . In Proceedings of the 14th Usenix Security Symposium , 2005 . B. Ross, C. Jackson, N. Miyake, D. Boneh, and J. Mitchell. Stronger password authentication using browser extensions. In Proceedings of the 14th Usenix Security Symposium, 2005."},{"key":"e_1_3_2_1_24_1","unstructured":"N. Sakimura D. Bradley B. de Mederiso M. Jones and E. Jay. OpenID connect standard 1.0 - draft 07. http:\/\/openid.net\/specs\/openid-connect-standard-1  N. Sakimura D. Bradley B. de Mederiso M. Jones and E. Jay. OpenID connect standard 1.0 - draft 07. http:\/\/openid.net\/specs\/openid-connect-standard-1"},{"key":"e_1_3_2_1_25_1","volume-title":"National Cybersecurity Awareness Month Updates","author":"Security F.","year":"2011","unstructured":"F. Security . National Cybersecurity Awareness Month Updates , 2011 . https:\/\/www.facebook.com\/notes\/facebook-security\/ national-cybersecurity-awareness-month-updates\/10150335022240766. F. Security. National Cybersecurity Awareness Month Updates, 2011. https:\/\/www.facebook.com\/notes\/facebook-security\/ national-cybersecurity-awareness-month-updates\/10150335022240766."},{"key":"e_1_3_2_1_26_1","volume-title":"house of representatives","author":"Seybold P.","year":"2011","unstructured":"P. Seybold . Sony's response to the u.s. house of representatives , 2011 . http:\/\/goo.gl\/YkXSv. P. Seybold. Sony's response to the u.s. house of representatives, 2011. http:\/\/goo.gl\/YkXSv."},{"key":"e_1_3_2_1_27_1","unstructured":"O. Source. Google Authenticator 2012. https:\/\/code.google.com\/p\/google-authenticator\/.  O. Source. Google Authenticator 2012. https:\/\/code.google.com\/p\/google-authenticator\/."},{"key":"e_1_3_2_1_28_1","volume-title":"Bluetooth-Enabled Device Shipments Expected to Exceed 2 Billion","author":"Vogelei R.","year":"2013","unstructured":"R. Vogelei . Bluetooth-Enabled Device Shipments Expected to Exceed 2 Billion in 2013 , 2011. http:\/\/www.instat.com\/press.asp?ID=3238&sku=IN1104968MI. R. Vogelei. Bluetooth-Enabled Device Shipments Expected to Exceed 2 Billion in 2013, 2011. http:\/\/www.instat.com\/press.asp?ID=3238&sku=IN1104968MI."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1143120.1143126"},{"key":"e_1_3_2_1_30_1","volume-title":"Security cavities ail bluetooth","author":"Zetter K.","year":"2004","unstructured":"K. Zetter . Security cavities ail bluetooth , 2004 . http:\/\/www.wired.com\/politics\/security\/news\/2004\/08\/64463. K. Zetter. Security cavities ail bluetooth, 2004. http:\/\/www.wired.com\/politics\/security\/news\/2004\/08\/64463."}],"event":{"name":"CCS'12: the ACM Conference on Computer and Communications Security","location":"Raleigh North Carolina USA","acronym":"CCS'12","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2012 ACM conference on Computer and communications security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2382196.2382240","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2382196.2382240","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T09:34:48Z","timestamp":1750239288000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2382196.2382240"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012,10,16]]},"references-count":30,"alternative-id":["10.1145\/2382196.2382240","10.1145\/2382196"],"URL":"https:\/\/doi.org\/10.1145\/2382196.2382240","relation":{},"subject":[],"published":{"date-parts":[[2012,10,16]]},"assertion":[{"value":"2012-10-16","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}