Security and Privacy in New Computing Environments. Third EAI International Conference, SPNCE 2020, Lyngby, Denmark, August 6-7, 2020, Proceedings

Research Article

FIDO – That Dog Won’t Hunt

Download
4 downloads
Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.1007/978-3-030-66922-5_17,
    author={Michael Scott},
    title={FIDO -- That Dog Won’t Hunt},
    proceedings={Security and Privacy in New Computing Environments. Third EAI International Conference, SPNCE 2020, Lyngby, Denmark, August 6-7, 2020, Proceedings},
    proceedings_a={SPNCE},
    year={2021},
    month={1},
    keywords={Authentication FIDO M-Pin Public key substitution PKI Phishing attacks Credential databases MIRACL},
    doi={10.1007/978-3-030-66922-5_17}
}
  • Michael Scott
    Year: 2021
    FIDO – That Dog Won’t Hunt
    SPNCE
    Springer
    DOI: 10.1007/978-3-030-66922-5_17
Michael Scott,*
    *Contact email: mike.scott@miracl.com

    Abstract

    FIDO is an authentication technology based on the mathematics of public key cryptography that emerged in the 1970s and the 1980s. It is promoted by a large industry backed consortium as the two-factor successor to the username/password mechanism, which is well understood as being no longer fit for purpose. But intrinsic to FIDO is the requirement for both client-side secure hardware and a vulnerable server-side credentials database. Here we propose a better solution which would ditch both of these requirements by separating the registration and authentication processes, and which provides true multi-factor authentication using more modern ideas that have emerged from cryptographic research.

    Keywords
    Authentication FIDO M-Pin Public key substitution PKI Phishing attacks Credential databases MIRACL
    Published
    2021-01-22
    Appears in
    SpringerLink
    http://dx.doi.org/10.1007/978-3-030-66922-5_17
    Copyright © 2020–2025 ICST
    EAI Logo

    About EAI

    Community

    Publish with EAI