Item type |
SIG Technical Reports(1) |
Publication date |
2021-11-01 |
Title |
Certificate Verification under FIDO Authentication |
Title language |
en |
Language |
eng |
Resource type |
Resource type identifier |
http://purl.org/coar/resource_type/c_18gh |
Resource type |
technical report |
Author affiliation |
The University of Tokyo |
Author names |
Momoko, Shiraishi
Hitoshi, Aida
|
Abstract |
Description type |
Other |
Description |
As a variety of financial applications are offered, security in the authentication of users or transactions is required. FIDO authentication is considered to be resistant to man-in-the-middle attacks in user authentication because only the signed authentication result is returned to the authentication server without sending any secret information. Accordingly, it enables authentication without passwords, which is more user-friendly and has recently been introduced into various applications. However, under the current authentication protocol, if any of the software modules comprising FIDO authentication is infected with malware and behaves improperly, a mis-binding attack, parallel session attack, or DoS attack becomes possible. In this paper, we specify the attack paths for the mis-binding attack and the parallel session attack. We then propose a protocol that authenticates each software module constituting FIDO authentication on a session-by-session basis in order to deal with these attacks. |
Bibliographic record ID |
Source identifier type |
NCID |
Source identifier |
AA11235941 |
Bibliographic information |
研究報告コンピュータセキュリティ(CSEC)
Vol. 2021-CSEC-95,
No. 21,
p. 1-8,
Issue date 2021-11-01
|
ISSN |
Source identifier type |
ISSN |
Source identifier |
2188-8655 |
Notice |
SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc. |
Publisher |
Language |
ja |
Publisher |
Information Processing Society of Japan (情報処理学会) |