Emulating U2F authenticator devices

机译：模拟U2F身份验证器设备

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Password authentication has been made more secure by adding additional factors. Unfortunately, popular two-factor authentication methods are vulnerable to attacks themselves. Therefore, the FIDO alliance proposed Universal Second Factor (U2F), an open standard aiming for unified interfaces, secure protocols, and hardware-backed tokens for authentication. However, U2F requires the user to purchase and constantly carry yet another distinct device. We propose an enhancement to U2F making it more user friendly. First, we enable the use of existing cryptographic devices a user already carries around (e. g. a bank card or her smartphone). Second, we provide increased token mobility by enabling remote authenticator tokens. Our showcases demonstrate logging into a web application as well as logging into Microsoft's Windows 10 with a cryptographic smart card via card reader or NFC, Austria's eID, a smartphone, a cloud key service, and a remote U2F token. Our evaluations indicate that our approach is more usable and easier to deploy than stock U2F while it keeps its security features intact. Only a few additional risks are induced by the underlying cryptographic devices. All in all, we believe that our enhancements can push acceptance of U2F even further and thus, make everyone benefit from state-of-the-art authentication.

机译：通过添加其他因素，密码身份验证变得更加安全。不幸的是，流行的两因素身份验证方法本身容易受到攻击。因此，FIDO联盟提出了通用第二因素（U2F），这是一个开放标准，旨在统一接口，安全协议和硬件支持的令牌进行身份验证。但是，U2F要求用户购买并不断携带另一个不同的设备。我们建议对U2F进行增强，使其更加用户友好。首先，我们允许使用用户已经随身携带的现有加密设备（例如，银行卡或她的智能手机）。其次，我们通过启用远程身份验证器令牌来提供增强的令牌移动性。我们的展示展示了登录网络应用程序以及通过读卡器或NFC，奥地利的eID，智能手机，云密钥服务和远程U2F令牌使用加密智能卡登录Microsoft的Windows 10。我们的评估表明，与现有的U2F相比，我们的方法在保持其安全功能完整的同时，更实用，更易于部署。底层密码设备仅引起一些额外的风险。总而言之，我们相信我们的增强功能可以进一步推动人们对U2F的接受，从而使每个人都从最新的身份验证中受益。

著录项

来源
《IEEE Conference on Communications and Network Security》|2016年|543-551|共9页
会议地点
作者
Florian Reimair; Christian Kollmann; Alexander Marsalek;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Authentication; Cryptography; Hardware; Browsers; Privacy; Standards;

机译：身份验证;密码学;硬件;浏览器;隐私权;标准;

相似文献

外文文献
中文文献
专利

1. Home Network Device Authentication: Device Authentication Framework and Device Certificate Profile [J] . Yun-Kyung Lee, Deok Gyu Lee, Jong-Wook Han, The Computer journal . 2009,第8期

机译：家庭网络设备身份验证：设备身份验证框架和设备证书配置文件
2. I-Am: Implicitly Authenticate Me—Person Authentication on Mobile Devices Through Ear Shape and Arm Gesture [J] . Andrea F. Abate, Michele Nappi, Stefano Ricciardi IEEE Transactions on Systems, Man, and Cybernetics . 2019,第3期

机译：I-Am：隐式认证我-通过耳形和手臂手势在移动设备上进行人认证
3. User-Habit-Oriented Authentication Model: Toward Secure, User-Friendly Authentication for Mobile Devices [J] . Seto Jamie, Wang Ye, Lin Xiaodong Emerging Topics in Computing, IEEE Transactions on . 2015,第1期

机译：面向用户习惯的身份验证模型：面向移动设备的安全，用户友好的身份验证
4. Emulating U2F authenticator devices [C] . Florian Reimair, Christian Kollmann, Alexander Marsalek IEEE Conference on Communications and Network Security . 2016

机译：模拟U2F认证器设备
5. Identity Authentication and Near Field Device Authentication for Smart Devices. [D] . Li, Lingjun. 2014

机译：智能设备的身份验证和近场设备验证。
6. Device Thrombogenicty Emulator (DTE) – Design optimization Methodology for Cardiovascular Devices: A Study in Two Bileaflet MHV Designs [O] . Michalis Xenos, Gaurav Girdhar, Yared Alemu, -1

机译：器件血栓发育性仿真器（DTE） - 心血管设备设计优化方法：两种双BILAFLED MHV设计的研究
7. Evaluation and Implementation of SQRL and U2F as 2nd Factor Authenticators for CERN Single Sign-On [O] . Nadeem Azqa, Brillault Vincent, Lueders Stefan 2015

机译：SQRL和U2F作为CERN单点登录的第二因素验证者的评估和实现
8. Emulating Industrial Control System Field Devices Using Gumstix Technology. [R] . Berman, D. J. 2012

机译：使用Gumstix技术仿真工业控制系统现场设备。

Emulating U2F authenticator devices

摘要

著录项

相似文献

相关主题

期刊订阅