Presentation 2018-03-05
A Design and an Implementation about Password-Free Operation of Authenticator Registration in FIDO
Takahiro Oriishi, Kenji Ohira, Michitomo Morii, Hiroki Tanioka, Masahiko Sano, Kenji Matsuura, Tetsushi Ueta
Abstract(in Japanese) (See Japanese page)
Abstract(in English) As a new authentication framework, FIDO (Fast IDentity Online) is proposed to supersede password-based authentication. In this framework, a user is authenticated by a FIDO authenticator which is installed in a device of the user, and then the authenticator is authenticated by a Relying Party (RP) with a previously registered public key of the authenticator. However, in the procedure to register public key information of the authenticator onto the RP, password-based authentication still remains. In this paper, we propose a design about the password-free operation of authenticator registration. The key of this design is the following three points about communicated messages in authenticator registration procedures: 1) Free from human’s handling; 2) Bare minimum of lifetime; and 3) Herding processes which are vulnerable and must be monitored. We have implemented a prototype system which targets issuing and operating of mobile student ID. In the prototype system, QR code is employed for communication of authenticator registration. This makes 1) and 2) possible. We have also evaluated the proposed procedure of authenticator registration from the viewpoints of cost for implementing, avoidable attacks and easiness of troubleshooting.
Keyword(in Japanese) (See Japanese page)
Keyword(in English) FIDO / Password-Free Authentication
Paper # SITE2017-63,IA2017-74
Date of Issue 2018-02-26 (SITE, IA)

Conference Information
Committee IA / SITE / IPSJ-IOT
Conference Date 2018/3/5(2days)
Place (in Japanese) (See Japanese page)
Place (in English) Kinugawa Onsen Hotel
Topics (in Japanese) (See Japanese page)
Topics (in English) Internet and Information Ethics Education, etc.
Chair Katsuyoshi Iida(Hokkaido Univ.) / Hitoshi Okada(NII)
Vice Chair Rei Atarashi(IIJ) / Hiroyuki Osaki(Kwansei Gakuin Univ.) / Tomoki Yoshihisa(Osaka Univ.) / Tetsuya Morizumi(Kanagawa Univ.) / Masaru Ogawa(Kobe Gakuin Univ.)
Secretary Rei Atarashi(Tokyo Metropolitan Univ.) / Hiroyuki Osaki(TOYOTA-IT) / Tomoki Yoshihisa(Gifu Shotoku Gakuen Univ.) / Tetsuya Morizumi(Tokyo Univ. of the Arts) / Masaru Ogawa
Assistant Kenji Ohira(Tokushima Univ.) / Ryohei Banno(NTT) / Toshiki Watanabe(NEC) / Akiyoshi Kabeya(Chiba Univ.) / Hisanori Kato(KDDI)

Paper Information
Registration To Technical Committee on Internet Architecture / Technical Committee on Social Implications of Technology and Information Ethics / Special Interest Group on Internet and Operation Technology
Language JPN
Title (in Japanese) (See Japanese page)
Sub Title (in Japanese) (See Japanese page)
Title (in English) A Design and an Implementation about Password-Free Operation of Authenticator Registration in FIDO
Sub Title (in English)
Keyword(1) FIDO
Keyword(2) Password-Free Authentication
1st Author's Name Takahiro Oriishi
1st Author's Affiliation Tokushima University(Tokushima Univ.)
2nd Author's Name Kenji Ohira
2nd Author's Affiliation Tokushima University(Tokushima Univ.)
3rd Author's Name Michitomo Morii
3rd Author's Affiliation Tokushima University(Tokushima Univ.)
4th Author's Name Hiroki Tanioka
4th Author's Affiliation Tokushima University(Tokushima Univ.)
5th Author's Name Masahiko Sano
5th Author's Affiliation Tokushima University(Tokushima Univ.)
6th Author's Name Kenji Matsuura
6th Author's Affiliation Tokushima University(Tokushima Univ.)
7th Author's Name Tetsushi Ueta
7th Author's Affiliation Tokushima University(Tokushima Univ.)
Date 2018-03-05
Paper # SITE2017-63,IA2017-74
Volume (vol) vol.117
Number (no) SITE-471,IA-472
Page pp.67-72(SITE), pp.67-72(IA)
#Pages 6
Date of Issue 2018-02-26 (SITE, IA)