
The FIDO2 Project is a joint effort between the FIDO Alliance and the World Wide Web Consortium (W3C) whose goal is to create strong authentication for the web. At its core, FIDO2 consists of the W3C Web Authentication (WebAuthn) standard and the FIDO Client to Authenticator Protocol 2 (CTAP2).
FIDO2 is based upon previous work done by the FIDO Alliance, in particular the Universal 2nd Factor (U2F) authentication standard.
Taken together, WebAuthn and CTAP specify a standard authentication protocol where the protocol endpoints consist of a user-controlled cryptographic authenticator (such as a smartphone or a hardware security key) and a WebAuthn Relying Party (also called a FIDO2 server). A web user agent (i.e., a web browser) together with a WebAuthn client form an intermediary between the authenticator and the relying party. A single WebAuthn client device may support multiple WebAuthn clients. For example, a laptop may support multiple clients, one for each conforming user agent running on the laptop. A conforming user agent implements the WebAuthn JavaScript API.
As its name implies, the Client to Authenticator Protocol (CTAP) enables a conforming cryptographic authenticator to interoperate with a WebAuthn client. The CTAP specification refers to two protocol versions called CTAP1/U2F and CTAP2.
An authenticator that implements one of these protocols is typically referred to as a U2F authenticator or a FIDO2 authenticator, respectively. A FIDO2 authenticator that also implements the CTAP1/U2F protocol is backward compatible with U2F.
The invention of using a smartphone as a cryptographic authenticator on a computer network is claimed in US Patent 7,366,913 filed in 2002.