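% Cleaned repository export. The citation key is kept exactly as exported so existing citations still resolve.
% - author: each name appeared twice and was written "Given, Family", which BibTeX parses as "Last, First"; now "Family, Given", once each.
% - abstract: the export carried the abstract twice inside the note field, which most styles print in the bibliography; one verbatim copy is kept, in the abstract field.
% - number: was exported as issue, which classic techreport styles ignore.
% - month: uses the predefined three-letter macro instead of a braced string.
% - institution: required for techreport entries but absent from the exported record -- TODO fill in from the source record.
@techreport{oai:ipsj.ixsq.nii.ac.jp:00213584,
  author   = {Shiraishi, Momoko and Aida, Hitoshi},
  title    = {Certificate Verification under {FIDO} Authentication},
  number   = {21},
  month    = nov,
  year     = {2021},
  abstract = {As a variety of financial applications are offered, the security in the authentication of users or transactions is required. FIDO authentication is considered to be resistant to man-in-the-middle attacks in user authentication because only the signed authentication result is returned to the authentication server without sending any secret information. Accordingly, it enables authentication without passwords, which is more user-friendly and has recently been introduced into various applications. However, under the current authentication protocol, if any of the software modules comprising FIDO authentication is infected with malware and behaves improperly, it is possible to lead mis-binding attack, parallel session attack, or DoS attack. In this paper, we specify the attacking paths of which types are the mis-binding attack and the parallel session attack. Afterwards, we propose a protocol to authenticate each software module that constitutes FIDO authentication on a session-by-session basis in order to deal with these attacks.},
}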