Presentation | 2018-03-05 A Design and an Implementation about Password-Free Operation of Authenticator Registration in FIDO Takahiro Oriishi, Kenji Ohira, Michitomo Morii, Hiroki Tanioka, Masahiko Sano, Kenji Matsuura, Tetsushi Ueta, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | As a new authentication framework, FIDO (Fast IDentity Online) is proposed to supersede password-based authentication. In this framework, a user is authenticated by a FIDO authenticator which is installed in a device of the user, and then the authenticator is authenticated by a Relying Party (RP) with a previously registered public key of the authenticator. However, in the procedure to register public key information of theauthenticator onto the RP, password-based authentication still remains. In this paper, we propose a design about the password-free operation of authenticator registration. The key of this design is following three points about communicated messages in authenticator registration procedures: 1) Free from human’s handling; 2) Bare minimum of lifetime; and 3) Herding processes which are vulnerable and must be monitored. We have implemented a prototype system which targets issuing and operating of mobile student ID. In the prototype system, QR code is employed for communication of authenticator registration. This makes 1) and 2) possible. We have also evaluated the proposed procedure of authenticator registration from the viewpoints of cost for implementing, avoidable attacks and easinessof troubleshooting. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | FIDO / Password-Free Authentication |
Paper # | SITE2017-63,IA2017-74 |
Date of Issue | 2018-02-26 (SITE, IA) |
Conference Information | |
Committee | IA / SITE / IPSJ-IOT |
---|---|
Conference Date | 2018/3/5(2days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | Kinugawa Onsen Hotel |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | Internet and Information Ethics Education, etc. |
Chair | Katsuyoshi Iida(Hokkaido Univ.) / Hitoshi Okada(NII) |
Vice Chair | Rei Atarashi(IIJ) / Hiroyuki Osaki(Kwansei Gakuin Univ.) / Tomoki Yoshihisa(Osaka Univ.) / Tetsuya Morizumi(Kanagawa Univ.) / Masaru Ogawa(Kobe Gakuin Univ.) |
Secretary | Rei Atarashi(Tokyo Metropolitan Univ.) / Hiroyuki Osaki(TOYOTA-IT) / Tomoki Yoshihisa(Gifu Shotoku Gakuen Univ.) / Tetsuya Morizumi(Tokyo Univ. of the Arts) / Masaru Ogawa |
Assistant | Kenji Ohira(Tokushima Univ.) / Ryohei Banno(NTT) / Toshiki Watanabe(NEC) / Akiyoshi Kabeya(Chiba Univ.) / Hisanori Kato(KDDI) |
Paper Information | |
Registration To | Technical Committee on Internet Architecture / Technical Committee on Social Implications of Technology and Information Ethics / Special Interest Group on Internet and Operation Technology |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | A Design and an Implementation about Password-Free Operation of Authenticator Registration in FIDO |
Sub Title (in English) | |
Keyword(1) | FIDO |
Keyword(2) | Password-Free Authentication |
1st Author's Name | Takahiro Oriishi |
1st Author's Affiliation | Tokushima University(Tokushima Univ.) |
2nd Author's Name | Kenji Ohira |
2nd Author's Affiliation | Tokushima University(Tokushima Univ.) |
3rd Author's Name | Michitomo Morii |
3rd Author's Affiliation | Tokushima University(Tokushima Univ.) |
4th Author's Name | Hiroki Tanioka |
4th Author's Affiliation | Tokushima University(Tokushima Univ.) |
5th Author's Name | Masahiko Sano |
5th Author's Affiliation | Tokushima University(Tokushima Univ.) |
6th Author's Name | Kenji Matsuura |
6th Author's Affiliation | Tokushima University(Tokushima Univ.) |
7th Author's Name | Tetsushi Ueta |
7th Author's Affiliation | Tokushima University(Tokushima Univ.) |
Date | 2018-03-05 |
Paper # | SITE2017-63,IA2017-74 |
Volume (vol) | vol.117 |
Number (no) | SITE-471,IA-472 |
Page | pp.pp.67-72(SITE), pp.67-72(IA), |
#Pages | 6 |
Date of Issue | 2018-02-26 (SITE, IA) |