Abstract
A recently popular alternative being proposed to password-based web authentication is FIDO2 standard. Although phishing-resistant password-less authentication with FIDO2 is a step in the right direction, it falls short in numerous usability and accessibility aspects. FIDO2 protocols requiring specific hardware and software devices that must be "FIDO certified"could prevent it from reaching a wide audience. Furthermore, end-users' perception, acceptance, and usability concerns can potentially hinder widespread adoption. As an answer to these shortcomings, we present a QR-Code-based authentication protocol that offers the same security guarantees of public key cryptography coupled with more accessible infrastructure that can be easily integrated into existing systems.
Original language | English |
---|---|
Title of host publication | 16th International Conference on Information Security and Cryptology, ISCTURKEY 2023 - Proceedings |
Editors | Ali Aydin Selcuk, Oguz Yayla, Seref Sagiroglu, Cihangir Tezcan |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
ISBN (Electronic) | 9798350393996 |
DOIs | |
Publication status | Published - 2023 |
Event | 16th International Conference on Information Security and Cryptology, ISCTURKEY 2023 - Ankara, Turkey Duration: 18 Oct 2023 → 19 Oct 2023 |
Publication series
Name | 16th International Conference on Information Security and Cryptology, ISCTURKEY 2023 - Proceedings |
---|
Conference
Conference | 16th International Conference on Information Security and Cryptology, ISCTURKEY 2023 |
---|---|
Country/Territory | Turkey |
City | Ankara |
Period | 18/10/23 → 19/10/23 |
Bibliographical note
Publisher Copyright:© 2023 IEEE.
Keywords
- authentication protocol
- FIDO2
- passwordless authentication
- public-key cryptography
- user authentication