Uysal, Ertan

Profile URL
https://hdl.handle.net/11147/16001
Name Variants
Job Title
Email Address
Main Affiliation
01. Izmir Institute of Technology
Status
External
Website
ORCID ID
Scopus Author ID
Turkish CoHE Profile ID
Google Scholar ID
WoS Researcher ID

Sustainable Development Goals

NO POVERTY1
NO POVERTY
0
Research Products
ZERO HUNGER2
ZERO HUNGER
0
Research Products
GOOD HEALTH AND WELL-BEING3
GOOD HEALTH AND WELL-BEING
0
Research Products
QUALITY EDUCATION4
QUALITY EDUCATION
0
Research Products
GENDER EQUALITY5
GENDER EQUALITY
0
Research Products
CLEAN WATER AND SANITATION6
CLEAN WATER AND SANITATION
0
Research Products
AFFORDABLE AND CLEAN ENERGY7
AFFORDABLE AND CLEAN ENERGY
0
Research Products
DECENT WORK AND ECONOMIC GROWTH8
DECENT WORK AND ECONOMIC GROWTH
0
Research Products
INDUSTRY, INNOVATION AND INFRASTRUCTURE9
INDUSTRY, INNOVATION AND INFRASTRUCTURE
1
Research Products
REDUCED INEQUALITIES10
REDUCED INEQUALITIES
0
Research Products
SUSTAINABLE CITIES AND COMMUNITIES11
SUSTAINABLE CITIES AND COMMUNITIES
0
Research Products
RESPONSIBLE CONSUMPTION AND PRODUCTION12
RESPONSIBLE CONSUMPTION AND PRODUCTION
0
Research Products
CLIMATE ACTION13
CLIMATE ACTION
0
Research Products
LIFE BELOW WATER14
LIFE BELOW WATER
0
Research Products
LIFE ON LAND15
LIFE ON LAND
0
Research Products
PEACE, JUSTICE AND STRONG INSTITUTIONS16
PEACE, JUSTICE AND STRONG INSTITUTIONS
0
Research Products
PARTNERSHIPS FOR THE GOALS17
PARTNERSHIPS FOR THE GOALS
0
Research Products
This researcher does not have a Scopus ID.
This researcher does not have a WoS ID.
No records found in other affiliations.
Scholarly Output

2

Articles

1

Views / Downloads

4789/3559

Supervised MSc Theses

1

Supervised PhD Theses

0

WoS Citation Count

5

Scopus Citation Count

9

Patents

0

Projects

0

WoS Citations per Publication

2.50

Scopus Citations per Publication

4.50

Open Access Source

2

Supervised Theses

1

JournalCount
PLoS ONE1
Current Page: 1 / 1

Scopus Quartile Distribution

Competency Cloud

GCRIS Competency Cloud

Filters

2022 - 20232

Settings

Author of Publication: search.filters.isAuthorOfPublication.722f4b0b-af59-432d-9400-7d5e1ce08bc0

Scholarly Output Search Results

Now showing 1 - 2 of 2
  • Master Thesis
    P/Key: Puf Based Second Factor Authentication
    (01. Izmir Institute of Technology, 2022) Akgün, Mete; Şahin, Serap; Uysal, Ertan; Akgün, Mete; Şahin, Serap; 03.04. Department of Computer Engineering; 01. Izmir Institute of Technology; 03. Faculty of Engineering
    Second-factor authentication mechanisms increase the security of authentication processes by implementing an additional auxiliary layer to a single factor. As a second factor, using one-time passwords (OTP) is mainly preferred due to their hardware independence and easy generation. OTP generation protocols should be evaluated in two main categories: time and security. In time-based OTP mechanisms (TOTP), client and server store a shared secret key. However, if attackers compromise the server, attackers can generate new OTPs using the key and impersonate the client. To solve this problem, protocols based on the hash chain mechanism have been proposed; however, these methods have weaknesses mainly due to the authentication speed and the limited number of OTPs they generate. This thesis proposes a server-side tamper-proof and fast response physical unclonable function (PUF) based second-factor authentication protocol on overcoming these problems. PUF is a digital fingerprint that ensures that every device produced is unique due to uncontrollable factors in the production stages of devices. It generates responses that correspond to challenges. Since PUF is based on the micro-level differences in devices, micro-level structure changes in the event of an attack, and the PUF takes to generate different responses. Although PUF is a fast response function, it is impossible to reach the challenge from the response it generates. In the proposed protocol, the PUF inside the server generates key values and used to store clients’ secret seed values securely. In case of side-channel attack on server-side, the key values of the clients cannot be obtained by the attackers, as the PUF structure will be corrupted. Even if the attacker obtains the server’s credentials and gains access to the system, they cannot get the secret seed values of the clients and cannot generate the OTPs. In this way, the attacker cannot authenticate by impersonating the client.
  • Article
    Citation - WoS: 5
    Citation - Scopus: 9
    P/Key: Puf Based Second Factor Authentication
    (Public Library of Science, 2023) Uysal, Ertan; Akgün, Mete; Uysal, Ertan; Akgün, Mete; 01. Izmir Institute of Technology; 03.04. Department of Computer Engineering; 03. Faculty of Engineering
    One-time password (OTP) mechanisms are widely used to strengthen authentication processes. In time-based one-time password (TOTP) mechanisms, the client and server store common secrets. However, once the server is compromised, the client’s secrets are easy to obtain. To solve this issue, hash-chain-based second-factor authentication protocols have been proposed. However, these protocols suffer from latency in the generation of OTPs on the client side because of the hash-chain traversal. Secondly, they can generate only a limited number of OTPs as it depends on the length of the hash-chain. In this paper, we propose a second-factor authentication protocol that utilizes Physically Unclonable Functions (PUFs) to overcome these problems. In the proposed protocol, PUFs are used to store the secrets of the clients securely on the server. In case of server compromise, the attacker cannot obtain the seeds of clients’ secrets and can not generate valid OTPs to impersonate the clients. In the case of physical attacks, including side-channel attacks on the server side, our protocol has a mechanism that prevents attackers from learning the secrets of a client interacting with the server. Furthermore, our protocol does not incur any client-side delay in OTP generation.