M. Adham, A. Azodi, Y. Desmedt, and I. Karaolis, How to Attack Two-Factor Authentication Internet Banking, Financial Cryptography and Data Security, pp.322-328, 2013.
DOI : 10.1007/978-3-642-39884-1_27

I. Anati, S. Gueron, S. Johnson, and V. Scarlata, Innovative technology for CPU based attestation and sealing, 2 nd Int. Workshop on Hardware and Architectural Support for Security and Privacy, 2013.

S. Ariyapperuma and C. J. Mitchell, Security vulnerabilities in DNS and DNSSEC, The Second International Conference on Availability, Reliability and Security (ARES'07), pp.335-342, 2007.
DOI : 10.1109/ARES.2007.139

W. Arthur and D. Challener, A Practical Guide to TPM 2.0: Using the Trusted Platform Module in the New Age of Security, 2015.
DOI : 10.1007/978-1-4302-6584-9

J. Bau and J. C. Mitchell, A security evaluation of DNSSEC with NSEC3, Network and Distributed System Security Symposium (NDSS)

B. Blanchet, A Computationally Sound Mechanized Prover for Security Protocols, IEEE Transactions on Dependable and Secure Computing, vol.5, issue.4, pp.193-207, 2008.
DOI : 10.1109/TDSC.2007.1005

B. Blanchet, Automatic verification of correspondences for security protocols*, Journal of Computer Security, vol.17, issue.4, pp.363-434, 2009.
DOI : 10.3233/JCS-2009-0339

S. Bugiel, A. Dmitrienko, K. Kostiainen, A. Sadeghi, and M. Winandy, TruWalletM: Secure Web Authentication on Mobile Platforms, Int. Conf. on Trusted Systems, pp.219-236, 2010.
DOI : 10.1145/242896.242897

S. Bursuc, C. Johansen, and S. Xu, Automated Verification of Dynamic Root of Trust Protocols, 6 th Int. Conf. on Principles of Security and Trust, pp.95-116, 2017.
DOI : 10.1109/CSF.2012.25

M. Conti, G. Lovisotto, I. Martinovic, and G. Tsudik, FADEWICH: Fast Deauthentication Over the Wireless Channel, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), pp.1-13, 2017.
DOI : 10.1109/ICDCS.2017.296

F. D. Davis, User acceptance of information technology: system characteristics, user perceptions and behavioral impacts, International Journal of Man-Machine Studies, vol.38, issue.3, pp.475-487, 1993.
DOI : 10.1006/imms.1993.1022

T. Dierks and E. Rescorla, The Transport Layer Security (TLS) Protocol Version 1.2, RFC, vol.5246, 2008.
DOI : 10.17487/rfc5246

S. Dispensa, E. Rescorla, M. Ray, and N. Oskov, Trasnport Layer Security (TLS) Renegotiation Indication Extension, RFC, vol.5746, 2010.

G. Eibl and D. Engel, Influence of Data Granularity on Smart Meter Privacy, IEEE Transactions on Smart Grid, vol.6, issue.2, pp.930-939, 2015.
DOI : 10.1109/TSG.2014.2376613

S. Md, A. Ferdous, and . Jøsang, Entity Authentication & Trust Validation in PKI using Petname Systems, Theory and Practice of Cryptography Solutions for Secure Information Systems, pp.302-334, 2013.

J. Franks, P. Hallam-baker, J. Hostetler, P. Leach, A. Luotonen et al., An Extension to HTTP : Digest Access Authentication, 1997.
DOI : 10.17487/rfc2069

M. Freed and E. Gannesan, Secure sockets layer proxy architecture, US Patent, vol.7, p.149892, 2006.

E. Gamma, R. Helm, R. Johnson, and J. M. Vlissides, Design Patterns: Elements of Reusable Object-Oriented Software, 1994.

S. Gaw, W. Edward, and . Felten, Password management strategies for online accounts, Proceedings of the second symposium on Usable privacy and security , SOUPS '06, pp.44-55, 2006.
DOI : 10.1145/1143120.1143127
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.136.6196

A. Jøsang, C. Rosenberger, L. Miralabé, H. Klevjer, K. A. Varmedal et al., Local user-centric identity management, Journal of Trust Management, vol.19, issue.4, pp.1-28
DOI : 10.6028/NIST.SP.800-63-2

H. Klevjer, K. A. Varmedal, and A. Jøsang, Extended HTTP Digest Access Authentication, Policies and Research in Identity Management (IDMAN), pp.83-96, 2013.
DOI : 10.1007/978-3-642-37282-7_7
URL : https://hal.archives-ouvertes.fr/hal-01470505

H. Krawczyk, K. G. Paterson, and H. Wee, On the Security of the TLS Protocol: A Systematic Analysis, 33rd Annual Advances in Cryptology, pp.429-448, 2013.
DOI : 10.1007/978-3-642-40041-4_24

G. Kwang, R. H. Yap, T. Sim, and R. Ramnath, An Usability Study of Continuous Biometrics Authentication, 3rd International Conference on Advances in Biometrics, pp.828-837, 2009.
DOI : 10.1109/THS.2008.4534505

B. Laurie and A. Singer, the blue pill, Proceedings of the 2008 workshop on New security paradigms, NSPW '08, pp.127-133, 2009.
DOI : 10.1145/1595676.1595695

N. Leavitt, Internet Security under Attack: The Undermining of Digital Certificates, Computer, vol.44, issue.12, pp.17-20, 2011.
DOI : 10.1109/MC.2011.367

C. Lesniewski-laas and M. Kaashoek, SSL splitting: Securely serving data from untrusted caches, Computer Networks, vol.48, issue.5, pp.763-779, 2005.
DOI : 10.1016/j.comnet.2005.01.006
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.156.3705

M. Mannan and P. Van-oorschot, Using a Personal Device to Strengthen Password Authentication from an Untrusted Computer, Financial Cryptography and Data Security, pp.88-103, 2007.
DOI : 10.1007/978-3-540-77366-5_11
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.91.3533

C. Félix-gómez-mármol, O. Sorge, G. M. Ugus, and . Pérez, Do not snoop my habits: preserving privacy in the smart grid, IEEE Communications Magazine, vol.50, issue.5, pp.166-172, 2012.
DOI : 10.1109/MCOM.2012.6194398

P. Mayer, H. Berket, and M. Volkamer, Enabling automatic password change in password managers through crowdsourcing

F. Mckeen, I. Alexandrovich, A. Berenzon, C. V. Rozas, H. Shafi et al., Innovative instructions and software model for isolated execution, Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, HASP '13, 2013.
DOI : 10.1145/2487726.2488368

. B-dawn-medlin, A. Joseph, . Cazier, P. Daniel, and . Foulk, Analyzing the Vulnerability of U.S. Hospitals to Social Engineering Attacks, International Journal of Information Security and Privacy, vol.2, issue.3, pp.71-83, 2008.
DOI : 10.4018/jisp.2008070106

D. Migdal, C. Johansen, and A. Jøsang, DEMO, Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS'16, pp.1847-1849, 2016.
DOI : 10.1007/978-3-642-37282-7_7
URL : https://hal.archives-ouvertes.fr/hal-01589899

D. Migdal, C. Johansen, and A. Jøsang, Usable authentication with an offline trusted device proxy architecture (long version), 2016.

J. C. Mitchell, M. Mitchell, and U. Stern, Automated analysis of cryptographic protocols using Murphi, IEEE Symposium on Security and Privacy, pp.141-151, 1997.

A. Popov, Prohibiting RC4 Cipher Suites, RFC RFC Editor, vol.7465, 2015.
DOI : 10.17487/rfc7465

S. Sagiroglu and G. Canbek, Keyloggers, IEEE Technology and Society Magazine, vol.28, issue.3, pp.10-17, 2009.
DOI : 10.1109/MTS.2009.934159

B. Schmidt, S. Meier, C. J. Cremers, and D. A. Basin, Automated Analysis of Diffie-Hellman Protocols and Advanced Security Properties, 2012 IEEE 25th Computer Security Foundations Symposium, pp.78-94, 2012.
DOI : 10.1109/CSF.2012.25

K. Severinsen, C. Johansen, and S. Bursuc, Securing the End-points of the Signal Protocol using Intel SGX based Containers In 5 th Workshop on Hot Issues in Security Principles and Trust Available at https://sec, pp.40-47, 2017.

D. Stebila and N. Sullivan, An Analysis of TLS Handshake Proxying, 2015 IEEE Trustcom/BigDataSE/ISPA, pp.279-286, 2015.
DOI : 10.1109/Trustcom.2015.385

I. Traore, A. Awad, and E. Ahmed, Continuous Authentication Using Biometrics: Data, Models, and Metrics, 2011.
DOI : 10.4018/978-1-61350-129-0

. Kent-are, H. Varmedal, J. Klevjer, A. Hovlandsvåg, J. Jøsang et al., The OffPAD: Requirements and usage, Network and System Security, pp.80-93, 2013.

B. Verplanken and W. Wood, Interventions to Break and Create Consumer Habits, Journal of Public Policy & Marketing, vol.25, issue.1, pp.90-103, 2006.
DOI : 10.1509/jppm.25.1.90
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.320.1938