Skip to content
Pomcor

Pomcor

Research on web and mobile technology

  • Home
  • Blog
  • Developers
    • PJCL Library
    • Demonstrations
  • Research
    • Cryptographic Authentication
    • TLS Traffic Visibility
    • Cardholder Authentication
    • Remote Identity Proofing
    • Cryptographic Modules
    • Derived Credentials
    • Archived Research Pages
  • Patents
    • Patents
    • Streamlined Process for Licensing US Patent 9,887,989 to a Particular Web Site
  • About Us
    • Company
    • People
    • Contact
  • Archive
Pomcor

Pomcor JavaScript Cryptographic Library (PJCL)

PJCL is now on GitHub

We have refactored PJCL as an ES6 module and released version 1.0.0 on GitHub at https://github.com/fcorella/pjcl.git under the MIT open source license. Earlier beta test versions have been archived and deprecated.

Documentation can now be found in GitHub at https://github.com/fcorella/pjcl/blob/main/pjcl-documentation.pdf.

For more information see this blog post.

Papers

  • Overcoming the UX Challenges Faced by FIDO Credentials in the Consumer Space, preprint of paper to be presented at HCI International 2023. Updated on 3/18/2023 to add a patent disclosure.
  • A Possible-Worlds Semantics for Kolmogorov’s Axiomatization of Probability Theory
  • Traveler Authentication at Airports
  • Fundamental Security Flaws in the 3-D Secure 2 Cardholder Authentication Specification
  • An Omission-Tolerant Cryptographic Checksum
  • Frictionless Web Payments with Cryptographic Cardholder Authentication, authors’ version of a paper presented at HCI International 2019. Publisher’s version available in the Late Breaking Papers volume of the proceedings
  • Using Near-Field Communication for Remote Identity Proofing
  • Backing Rich Credentials with a Blockchain PKI
  • Rich Credentials for Remote Identity Proofing
  • Identity-Based Protocol Design Patterns for Machine-to-Machine Secure Channels (Paper presented at M2MSec 2014)
  • Interpreting the EMV Tokenisation Specification
  • An Example of a Derived Credentials Architecture
  • It Is Time To Redesign Transport Layer Security
  • Privacy Postures of Authentication Technologies
  • A Comprehensive Approach to Cryptographic and Biometric Authentication from a Mobile Perspective

Presentations

  • 2F-crypto-authn.pptx, step-by-step description of the code in the GitHub repository 2F-crypto-authn-demo, which demonstrates two-factor cryptographic authentication with a fusion credential.
  • Overcoming the UX Challenges Faced by FIDO Credentials in the Consumer Space, presented at HCI International on July 24, 2023
  • UX of Diia, presented at IIW XXXVI on April 18, 2023
  • FIDO for “everything”—How to use FIDO as an alternative to SAML, as an alternative to OpenID Connect, as an alternative to US Government Derived Credentials, for privacy-enhanced identification, and for user-centric identity
  • Cardholder Authentication and Payment Confirmation without Interaction with the Issuing Bank, to be presented at IIW XXXV, November 15-17, 2022
  • Frictionless Web Payments with Cryptographic Cardholder Authentication, with speaker notes; presented at HCI International 2019; updated August 1, 2019
  • The Rise of Cryptographic Authentication, presentation at SJSU, April 5, 2018, updated April 9
  • Storing Cryptographic Keys in Persistent Browser Storage, presentation at ICMC2017, revised after the conference
  • New Techniques for Remote Identity Proofing, presentation at CSUS on February 22, 2017
  • Presentation on Remote Identity Proofing at IIW 23
  • Five Techniques for Remote Identity Proofing, presentation to Government agencies at the conclusion of this project
  • Revocable Biometrics, slides for discussion at IIW XXII
  • Slides of presentation at ICMC 2015, revised after the conference
  • Faster Implementation of Modular Exponentiation in JavaScript: PDF; PowerPoint
  • Video interview of F. Corella (GlobalPlatform TEE Conf. 2014)
  • Virtual Tamper Resistance for a TEE (GlobalPlatform TEE Conf. 2014)
  • ID-Based Design Patterns for M2M Secure Channels (M2MSec 2014)
  • It’s Time to Replace SSL/TLS (U. of Utah 2014)
  • Privacy Postures of Authentication Technologies (ID360 2013)
  • Key Management Challenges of Derived Credentials and Techniques for Addressing Them (NIST Key Management W. 2012)

Archive

  • Archive page
  • Categories of papers, presentations and blog posts within the archive page:
    • Identity Proofing
    • Authentication
    • Privacy
    • Data Protection
    • Payments
    • Mobile
    • Cryptography
    • Biometrics
    • Network Security Protocols
    • Web Application Security
    • Password Security
    • Search
    • Public Comments to Government by Pomcor
    • All Categories

About Us

  • Blog
  • Company
  • Contact Us
  • CONNECT Springboard Mentoring
  • Recent Funding
  • Earlier Funding

Terms and Privacy

  • Terms of Use, updated May 27, 2018
  • Privacy Policy, updated May 18, 2022

RSS Feeds

RSS logo Subscribe to blog posts

RSS logo Subscribe to comments

Recent Blog Posts

  • A Demonstration of Two-Factor Cryptographic Authentication with a Familiar User Experience
  • A Brief Overview of Cryptographic Authentication with a Discussion of Three Hot Topics
  • FIDO2 and WebAuthn have momentum but won’t help if they are not used
  • Overcoming the UX Challenges Faced by FIDO Credentials in the Consumer Space
  • A User Experience for Strong Authentication in the Consumer Space

Blog Post Categories

Blog Post Tags

  • 3DS2
  • Authentication
  • Biometrics
  • Blockchain
  • CAC
  • Cryptography
  • Cybersecurity
  • Data Protection
  • Derived Credentials
  • Facebook
  • Formal Methods
  • HCI
  • Identity
  • Identity Proofing
  • IIW
  • Integrity Protection
  • JavaScript
  • Karatsuba
  • Mobile
  • MongoDB
  • Multifactor
  • Network Security Protocols
  • NIST
  • NodeJS
  • NSTIC
  • OAuth
  • Omission-Tolerant Checksum
  • OpenID
  • OpenID Connect
  • Patents
  • Payments
  • PIV
  • PJCL
  • PKAuth
  • PKI
  • Privacy
  • Provable Security
  • Search
  • Selective Disclosure
  • Smart Cards
  • Social Login
  • TEE
  • TLS
  • Usability
  • User Experience
  • Home
  • Blog
  • Developers
    • PJCL Library
    • Demonstrations
  • Research
    • Cryptographic Authentication
    • TLS Traffic Visibility
    • Cardholder Authentication
    • Remote Identity Proofing
    • Cryptographic Modules
    • Derived Credentials
    • Archived Research Pages
  • Patents
    • Patents
    • Streamlined Process for Licensing US Patent 9,887,989 to a Particular Web Site
  • About Us
    • Company
    • People
    • Contact
  • Archive
Pomcor Proudly powered by WordPress