Security Keys: Practical Cryptographic Second Factors for the Modern Web
| Autor: | Juan Lang, Alexei Czeskis, Dirk Balfanz, Marius Schilder, Sampath Srinivas |
|---|---|
| Rok vydání: | 2017 |
| Předmět: |
Cryptographic primitive
business.industry Computer science 02 engineering and technology Cryptographic protocol Computer security computer.software_genre Web application security Phishing Controlled Cryptographic Item World Wide Web Symmetric-key algorithm 020204 information systems 0202 electrical engineering electronic engineering information engineering Web application 020201 artificial intelligence & image processing business Key management computer |
| Zdroj: | Financial Cryptography and Data Security ISBN: 9783662549698 Financial Cryptography |
| DOI: | 10.1007/978-3-662-54970-4_25 |
| Popis: | “Security Keys” are second-factor devices that protect users against phishing and man-in-the-middle attacks. Users carry a single device and can self-register it with any online service that supports the protocol. The devices are simple to implement and deploy, simple to use, privacy preserving, and secure against strong attackers. We have shipped support for Security Keys in the Chrome web browser and in Google’s online services. We show that Security Keys lead to both an increased level of security and user satisfaction by analyzing a two year deployment which began within Google and has extended to our consumer-facing web applications. The Security Key design has been standardized by the FIDO Alliance, an organization with more than 250 member companies spanning the industry. Currently, Security Keys have been deployed by Google, Dropbox, and GitHub. An updated and extended tech report is available at https://github.com/google/u2f-ref-code/docs/SecurityKeys_TechReport.pdf. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|