A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf
.
Filters
Token meets Wallet: Formalizing Privacy and Revocation for FIDO2
[article]
2022
IACR Cryptology ePrint Archive
formal definition of privacy for FIDO2 and show that these common FIDO2 token implementations are secure in our model, if the underlying building blocks are chosen appropriately. (3) Finally, we address ...
(CRYPTO '21) provided the first formal security model and analysis for the FIDO2 standard. ...
[6] gave the first formal model for token-based two-factor authentication and provided a security proof for the FIDO2 standard. ...
dblp:journals/iacr/HanzlikLW22
fatcat:63g4xgveb5eqjon3cjvpy6qgkq
Token meets Wallet: Formalizing Privacy and Revocation for FIDO2
[article]
2024
(CRYPTO '21) provided the first formal security model and analysis for the FIDO2 standard. ...
To this end, we introduce and analyze a simple revocation procedure that builds on the popular BIP32 standard used in cryptocurrency wallets and can efficiently be implemented with existing FIDO2 servers ...
[BBCW21] gave the first formal model for token-based authentication and provided a security proof for the FIDO2 standard. ...
doi:10.60882/cispa.25304437.v1
fatcat:x66bdsefvbeabpag24pugcc6ci
How many FIDO protocols are needed? Analysing the technology, security and compliance
2024
ACM Computing Surveys
The existing literature leverages all versions of the FIDO protocols, without indicating the reasons behind the choice of each individual FIDO protocol (i.e., U2F, UAF, FIDO2). ...
To provide an answer to the previous question, this paper performs a thorough comparative analysis on the different protocol specifications and their technological and market support, to identify whether ...
Roaming Authentication on Smartphones [146] 20.Token meets Wallet: Formalizing Privacy and Revocation for FIDO2 [79] 21 FIDO2, CTAP 2.1, and WebAuthn 2: Provable Security and Post-Quantum Instantiation ...
doi:10.1145/3654661
fatcat:njalelalajcklhqpd4qyhcpnra
Accountable authentication with privacy protection: The Larch system for universal login
[article]
2024
arXiv
pre-print
We implement larch for FIDO2, TOTP, and password-based login. ...
Given a client with four cores and a log server with eight cores, an authentication with larch takes 150ms for FIDO2, 91ms for TOTP, and 74ms for passwords (excluding preprocessing, which takes 1.23s for ...
We thank the anonymous reviewers and our shepherd Ittay Eyal for their feedback. ...
arXiv:2305.19241v7
fatcat:n4cbmnjywrdtxpppgwecli37nq
A Tutorial on the Interoperability of Self-sovereign Identities
[article]
2022
arXiv
pre-print
process of issuing identities and verifying assertions. ...
Moreover, due to the decentralized nature, interoperability of self-sovereign identities depends on multiple components, such as ones responsible for establishing trust or enabling secure communication ...
Furthermore, we would like to thank Mirko Mollik, Artur Philipp, Sebastian Schmittner, Ralph Tröger, and Sebastian Zickau for their contributions to the IDunion working group for the SSI component investigation ...
arXiv:2208.04692v1
fatcat:cdtbwnspnvagjondvlc2nbdkni
Self-Sovereign Identity: A Systematic Review, Mapping and Taxonomy
[article]
2022
arXiv
pre-print
Additionally, open challenges are discussed, along with recommendations for future work. ...
Thus, SSI reduces identity providers' involvement in the identification, authentication, and authorization, thereby increasing user privacy. ...
When this VC is used to generate VPs, the private keys of both the digital wallet and the FIDO2 token are accessed. ...
arXiv:2108.08338v2
fatcat:njilz6guojcgvja2idt4uhr6ti
Open Identity Summit 2021 - Complete Volume
2021
Open Identity Summit
While it has been noted in earlier work that data governance is central for the successful operation of a data lake, and that privacy is a central issue in such a setting as personal information may be ...
Data lakes are an emerging paradigm for large-scale, integrated data processing within organizations. ...
We would also like to thank NGI_TRUST for proving funding for this project, and we would especially like to thank project mentors, Maite Alvarez and Collin Wallis, for their help and encouragement. ...
dblp:conf/openidentity/X21
fatcat:o54xtce6rneehgbbpsr3vasvvq
Privacy enhancing technologies for identity and access management
2024
Therefore, as the foundation of our system, we have selected the FIDO2 protocol, an industry-recognized and widely supported solution for privacy-preserving passwordless authentication. ...
Throughout our study, we evaluate the guarantees provided by FIDO2 to ensure its suitability for our proposed s [...] ...
Acknowledgements First and foremost, I would like to express my deep gratitude to my thesis supervisor, ...
doi:10.25949/25039991
fatcat:gytkueuv2jg77iifpiqhpf7qua
Self-Sovereign Identity: A Systematic Review, Mapping and Taxonomy
2022
Additionally, open challenges are discussed along with recommendations for future work. ...
Thus, SSI reduces identity providers' involvement in the identification, authentication, and authorization, thereby increasing user privacy. ...
When this VC is used to generate VPs, the private keys of both the digital wallet and the FIDO2 token are accessed. ...
doi:10.3390/s22155641
pmid:35957198
pmcid:PMC9371034
fatcat:s6zqgzqgxngyhjwacagyckchbu