On the Fly Access Request Authentication: Two-Layer Password-Based Access Control Systems for Securing Information
How to cite (IJASEIT) :
D. Silver, S. Jana, and D. Boneh, E. Chen and C. Jackson, Password Managers: Attacks and Defenses, In Proceedings of the 23rd USENIX Security Symposium (San Diego, CA) August 20-22, 2014.
S-N Hsu and Y-C Hou, A Document Protection Scheme using Innocuous Messages as Camouflage, WSEAS TRANSACTIONS on Information Science and Applications, No. 4, Vol. 6, pp. 694ï€703, April 2009
C.H. Lin and T.C. Lee, A Confused Document Encrypting Scheme and Its Implementation, Computers & Security Journal, Vol.17, No.6, pp.543-551, 1998
A. Greenberg. Password Manager LastPass Got Breached Hard, June 2015. https://www.wired.com/2015/06/hack-brief-password-manager-lastpass-got-breached-hard.
J. Alex Halderman , Brent Waters , Edward W. Felten, A convenient method for securely managing passwords, Proceedings of the 14th international conference on World Wide Web, May, 2005, Chiba, Japan doi:10.1145/1060745.1060815
J. Bonneau. Guessing Human-Chosen Secrets. PhD dissertation, University of Cambridge, 2012
D. Llewellyn-Jone and G. Ryme, Cracking PwdHash: A Brute-force Attack on Client-side Password Hashing, Proceeding of 11th International Conference on Passwords (Passwords16 Bochum), December, 2016
B. Ross, C. Jackson, N. Miyake, D. Boneh, J. C. Mitchell, Stronger Password Authentication Using Browser Extensions. In 14th USENIX Security Symposium, 2005. http://crypto.stanford.edu/PwdHash/
D. Silver, S. Jana, D. Boneh, E. Chen, C. Jackson, Password Managers: Attacks and Defenses, pp. 449ï€464. USENIX Association, 2014. https://www.usenix.org/ node/184476
E. Stobert, R. Biddle, Expert Password Management, pp. 3-20. Springer International Publishing, Cham, 2016. http://dx.doi.org/10.1007/ 978-3-319-29938-9_1
B. Ur, F. Alfieri, M Aung, L. Bauer, N. Christin, J. Colnago, L. Faith Cranor, H. Dixon, P. E. Naeini, H. Habib, N. Johnson, W. Melicher, Design and Evaluation of a Data-Driven Password Meter, Proceedings of the 2017 SIGCHI Conference on Human Factors in Computing Systems (CHI '17), May 2017.
K-P. Yee and K. Sitake. Passpet: Convenient Password Management and Phishing Protection. In Proceedings of the second symposium on Usable privacy and security (SOUPS'06). ACM, New York, NY, pp. 32ï€43, 2006. DOI=http://dx.doi.org/10.1145/1143120.1143126
J. Daemen and V. Rijmen. Advanced Encryption Standard (AES), 2001. http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf/, November 2001.
W. Stallings, Cryptography and Network Security: Principles and Practice, 7th edition, Pearson publishers, 2016.
M. J. Al-Muhammed, Zitar, R.A., ï«-Lookback Random-Based Text Encryption Technique, Journal of King Saud University-Computer and Information Sciences, 2017. doi: https://doi.org/10.1016/j.jksuci.2017.10.002
S. Gueron, S. Johnson, and J. Walker, SHA-512/256, In: Latifi, S. (ed.) Information Technology: New Generations-ITNG 2011. pp. 354-358. IEEE Computer Society, 2011.
Computer Security Resource Center https://csrc.nist.gov/csrc/media/publications/fips/180/2/archive/2002-08-01/documents/fips180-2.pdf
Different versions of SHA-x, https://csrc.nist.gov.
C. Dobraunig, M. Eichlseder, and F. Mendel. Analysis of SHA-512/224 and SHA-512/256. In International Conference on the Theory and Application of Cryptology and Information Security, pp. 612-630, Springer, 2014.
R. Rivest, The MD5 Message Digest Algorithm, IETF RFC 1321, 1992
V. Lyubashevsky, D. Micciancio, C, Peikert, and A. Rosen, SWIFFT: A Modest Proposal for FFT Hashing, 2008
Pierre LEcuyer. Random Number Generation. In James E. Gentle Wolf-gang Karl Hrdle Yuichi Mori, editor, Handbook of Computational Statistics, Springer Handbooks, chapter 3, pages 35ï€71. Springer Berlin Heidel-berg, 2012.
G. Marsaglia, Xorshift RNGs, Journal of Statistical Software, 2003
https://passwordsgenerator.net/, accessed March, 17-31, 2018
J. Nechvatal A. Rukhin, J. Soto and et al. A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications. Special publication 800-22, National Institute of Standards and Technology (NIST), 2010
M. Sí½s and Z. Rí¯ha. Faster Randomness Testing with the NIST Statistical Test Suite. In Schaumont P. (eds) Chakraborty R.S., Matyas V., editor, Security, Privacy, and Applied Cryptography Engineering, volume 8804 of Lecture Notes in Computer Science, pages 272ï€284. Springer, Cham, 2014.
Minitab 17 Statistical Software. Website, 2016. www.minitab.com.
R. Hranickí½, P. MatouÅ¡ek, O. RyÅ¡aví½, and V. Veselí½. Experimental Evaluation of Password Recovery in Encrypted Documents. In: Proceedings of ICISSP 2016. Roma: SciTePress - Science and Technology Publications, pp. 299ï€306, 2016.
M. Golla, B. Beuscher, and M. Dí¼rmut, On the Security of Cracking-Resistant Password Vaults. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS '16). ACM, New York, NY, USA, 1230ï€1241. 2016. DOI: https://doi.org/10.1145/2976749.2978416
H. Bojinov, E. Bursztein, X. Boyen, and D. Boneh. Kamouflage: Loss-resistant Password Management. In European Conference on Research in Computer Security, pp. 286-302. Springer, 2010.
A. Juels and T. Ristenpart. Honey Encryption: Security Beyond the Brute-Force Bound. In Advances in Cryptologyï€EUROCRYPT, pp. 293-310. Springer, 2014.
R. Chatterjee, J. Bonneau, A. Juels, and T. Ristenpart. Cracking-Resistant Password Vaults using Natural Language Encoders. In IEEE Security and Privacy, pp. 481-498, 2015. Available at (April 2018) https://eprint.iacr.org/2015/788, as of August 16, 2016.
M. Dí¼rmuth, F. Angelstorf, C. Castelluccia, D. Perito, and A. Chaabane. OMEN: Faster Password Guessing Using an Ordered Markov Enumerator. In International Symposium on Engineering Secure Software and Systems, pp. 119-132. Springer, 2015.
Authors who publish with this journal agree to the following terms:
- Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).