Remote WebAuthn: FIDO2 Authentication for Less Accessible Devices

Wagner, Paul Georg; Heid, Kris; Heider, Jens

doi:10.5220/0010192703680375

Cited by 5 publications

(2 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [54] and [44] usability studies are presented. [100] and [61] suggest remote and external FIDO2 authentication respectively, using QR codes. In [28] a sim TPM FIDO authenticator is presented.…”

Section: Survey Of Fido-related Scientific Publicationsmentioning

confidence: 99%

“…(5) WebAuthn -A theoretical framework for a remote FIDO2 authentication, in cases where specialised hardware is unavailable is presented in [100]. Authors in [3] focus on the pitfalls of WebAuthn for developers indicating that lack of sufficient understanding of the protocol, insecure or incomplete of libraries and privacy concerns are pivotal issues for the community.…”

Section: Survey Of Fido-related Scientific Publicationsmentioning

confidence: 99%

See 1 more Smart Citation

How many FIDO protocols are needed? Surveying the design, security and market perspectives

Angelogianni,

Politis,

Xenakis

2021

Preprint

View full text Add to dashboard Cite

Unequivocally, a single man in possession of a strong password is not enough to solve the issue of security. Studies indicate that passwords have been subjected to various attacks, regardless of the applied protection mechanisms due to the human factor. The keystone for the adoption of more efficient authentication methods by the different markets is the trade-off between security and usability. To bridge the gap between user friendly interfaces and advanced security features, the Fast Identity Online (FIDO) alliance defined a number of authentication protocols. Although FIDO's biometric based authentication is not a novel concept, still daunts end users and developers, which maybe a contributor factor obstructing FIDO's complete dominance of the digital authentication market.This paper traces the evolution of FIDO protocols, by identifying the technical characteristics and security requirements of the FIDO protocols throughout the different versions while providing a comprehensive study on the different markets (e.g., digital banking, social networks, e-government, etc.), applicability, easy of use, extensibility and future security considerations. From the analysis we conclude that there is currently no dominant version of a FIDO protocol and more importantly, earlier FIDO protocols are still applicable to emerging vertical services.CCS Concepts: • Security and privacy → Security protocols.

show abstract

Section: Survey Of Fido-related Scientific Publicationsmentioning

confidence: 99%

Section: Survey Of Fido-related Scientific Publicationsmentioning

confidence: 99%