Cryptology ePrint Archive: Report 2020/756

Provable Security Analysis of FIDO2

Shan Chen and Manuel Barbosa and Alexandra Boldyreva and Bogdan Warinschi

Abstract: We carry out the first provable security analysis of the new FIDO2 protocols, the promising FIDO Alliance’s proposal for a standard for passwordless user authentication. Our analysis covers the core components of FIDO2: the new Client-to-Authenticator Protocol (CTAP2) and the Web Authentication (WebAuthn) specification.

Our analysis is modular. For CTAP2 and WebAuthn, in turn, we propose appropriate security models that aim to capture their intended security goals and use the models to analyze security. We identify a series of shortcomings and propose stronger protocols designed to withstand stronger yet realistic adversaries. Next, we prove the security guarantees FIDO2 provides based on the security of its components.

We expect that our models and provable security results will help clarify the security guarantees of the FIDO2 protocols. In addition, our proposed constructions should pave the way towards the design and deployment of more secure passwordless user authentication protocols.

Category / Keywords: cryptographic protocols / applied cryptography, provable security, authentication, FIDO2, CTAP2, WebAuthn

Date: received 20 Jun 2020

Contact author: shanchen at gatech edu,mbb@fc up pt,sasha@gatech edu,bogdan warinschi@gmail com

Available format(s): PDF | BibTeX Citation

Version: 20200621:174208 (All versions of this report)

Short URL: ia.cr/2020/756


[ Cryptology ePrint archive ]