Jump to content
Main menu
Main menu
move to sidebar
hide
Navigation
Main page
Recent changes
Random page
Help about MediaWiki
Special pages
Niidae Wiki
Search
Search
Appearance
Create account
Log in
Personal tools
Create account
Log in
Pages for logged out editors
learn more
Contributions
Talk
Editing
Authenticator
(section)
Page
Discussion
English
Read
Edit
View history
Tools
Tools
move to sidebar
hide
Actions
Read
Edit
View history
General
What links here
Related changes
Page information
Appearance
move to sidebar
hide
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
====FIDO U2F==== A [[FIDO Alliance|FIDO]] [[Universal 2nd Factor]] (U2F) authenticator (''something that one has'') is a single-factor cryptographic authenticator that is intended to be used in conjunction with an ordinary web password. Since the authenticator relies on public-key cryptography, U2F does not require an additional shared secret beyond the password. To access a U2F authenticator, the claimant is required to perform a test of user presence (TUP), which helps prevent unauthorized access to the authenticator's functionality. In practice, a TUP consists of a simple button push. A U2F authenticator interoperates with a conforming web [[user agent]] that implements the U2F JavaScript API.<ref>{{cite web |editor-last1=Balfanz |editor-first1=Dirk |editor-last2=Birgisson |editor-first2=Arnar |editor-last3=Lang |editor-first3=Juan |title=FIDO U2F JavaScript API |url=https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-javascript-api-v1.2-ps-20170411.html |publisher=[[FIDO Alliance]] |access-date=22 March 2019 |date=11 April 2017}}</ref> A U2F authenticator necessarily implements the CTAP1/U2F protocol, one of the two protocols specified in the FIDO [[Client to Authenticator Protocol]].<ref name="FIDO-CTAP">{{cite web |editor-last1=Brand |editor-first1=Christiaan |editor-last2=Czeskis |editor-first2=Alexei |editor-last3=Ehrensvärd |editor-first3=Jakob |editor-last4=Jones |editor-first4=Michael B. |editor-last5=Kumar |editor-first5=Akshay |editor-last6=Lindemann |editor-first6=Rolf |editor-last7=Powers |editor-first7=Adam |editor-last8=Verrept |editor-first8=Johan |title=Client to Authenticator Protocol (CTAP) |url=https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html |publisher=[[FIDO Alliance]] |access-date=22 March 2019 |date=30 January 2019}}</ref> Unlike mobile push authentication, the U2F authentication protocol runs entirely on the front channel. Two round trips are required. The first round trip is ordinary password authentication. After the claimant authenticates with a password, the verifier sends a challenge to a conforming browser, which communicates with the U2F authenticator via a custom JavaScript API. After the claimant performs the TUP, the authenticator signs the challenge and returns the signed assertion to the verifier via the browser.
Summary:
Please note that all contributions to Niidae Wiki may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Encyclopedia:Copyrights
for details).
Do not submit copyrighted work without permission!
Cancel
Editing help
(opens in new window)
Search
Search
Editing
Authenticator
(section)
Add topic
