Horng-Twu Liaw

Bio: Horng-Twu Liaw is an academic researcher from Shih Hsin University. The author has contributed to research in topics: Authentication & Password. The author has an hindex of 11, co-authored 48 publications receiving 565 citations.

Robust and Efficient Password-Authenticated Key Agreement Using Smart Cards

Abstract: User authentication and key agreement is an important security primitive for creating a securely distributed information system. Additionally, user authentication and key agreement is very useful for providing identity privacy to users. In this paper, we propose a robust and efficient user authentication and key agreement scheme using smart cards. The main merits include the following: 1) the computation and communication cost is very low; 2) there is no need for any password or verification table in the server; 3) a user can freely choose and change his own password; 4) it is a nonce-based scheme that does not have a serious time-synchronization problem; 5) servers and users can authenticate each other; 6) the server can revoke a lost card and issue a new card for a user without changing his identity; 7) the privacy of users can be protected; 8) it generates a session key agreed upon by the user and the server; and 9) it can prevent the offline dictionary attack even if the secret information stored in a smart card is compromised.

A Verifiable Multi-Authority Secret Election Allowing Abstention from Voting

Abstract: In this paper, we propose a robust and verifiable multi-authority secret voting scheme which meets the requirements of large-scale general elections. This scheme uses a uniquely blind threshold signature scheme to get blind threshold electronic votes such that any voter can abstain from voting after the registration phase. It also uses the threshold cryptosystem to guarantee fairness among the candidates’ campaigns and to provide a mechanism for ensuring that any voter can make an open objection to the tally if his vote has not been published. In this scheme, the computations among voters are independent and voters only have to send an anonymous message to the counter after the registration phase. This scheme preserves the privacy of a voter from the counter, administrators, scrutineers and other voters. Completeness, robustness and verifiability of the voting process are ensured and hence no one can produce a false tally or corrupt or disrupt the election.

Information privacy research: an interdisciplinary review

Abstract: To date, many important threads of information privacy research have developed, but these threads have not been woven together into a cohesive fabric. This paper provides an interdisciplinary review of privacy-related research in order to enable a more cohesive treatment. With a sample of 320 privacy articles and 128 books and book sections, we classify previous literature in two ways: (1) using an ethics-based nomenclature of normative, purely descriptive, and empirically descriptive, and (2) based on their level of analysis: individual, group, organizational, and societal. Based upon our analyses via these two classification approaches, we identify three major areas in which previous research contributions reside: the conceptualization of information privacy, the relationship between information privacy and other constructs, and the contextual nature of these relationships. As we consider these major areas, we draw three overarching conclusions. First, there are many theoretical developments in the body of normative and purely descriptive studies that have not been addressed in empirical research on privacy. Rigorous studies that either trace processes associated with, or test implied assertions from, these value-laden arguments could add great value. Second, some of the levels of analysis have received less attention in certain contexts than have others in the research to date. Future empirical studies-both positivist and interpretive--could profitably be targeted to these under-researched levels of analysis. Third, positivist empirical studies will add the greatest value if they focus on antecedents to privacy concerns and on actual outcomes. In that light, we recommend that researchers be alert to an overarching macro model that we term APCO (Antecedents → Privacy Concerns → Outcomes).

Internet Privacy Concerns and Social Awareness as Determinants of Intention to Transact

Abstract: This study focuses on antecedents to Internet privacy concerns and the behavioral intention to conduct on-line transactions. Perceptions of privacy are socially constructed through communication and transactions with social entities over a networked environment, a process that involves a certain level of technical skill and literacy. The research model specifies that social awareness and Internet literacy are related to both Internet privacy and intention to transact. Survey data collected from 422 respondents were analyzed using structural equation modeling (SEM) with LISREL and provided support for the hypothesized relationships. Social awareness was positively related and Internet literacy was negatively related to Internet privacy concerns. Moreover, Internet privacy concerns were negatively related and Internet literacy positively related to intention to transact on-line. This research explores the two alternative antecedents to Internet privacy concerns and intention to engage in e-commerce activity and contributes to our understanding of Internet privacy and its importance in the global information environment. The construct of social awareness can be broadened to develop a much-needed construct of awareness in MIS research related to the voluntary usage of information technology. A segmentation of Internet users with respect to privacy concerns is also proposed.