SDD: A trusted display of FIDO2 transaction confirmation without trusted execution environment
| Field | Value |
|---|---|
| Authors | Hai Jin, Yubo Zheng, Peng Xu, Ruijie Sun, Wei Wang, Chen Tianyang |
| Year of publication | 2021 |
| Subjects | Scheme (programming language); Authentication; Correctness; Computer Networks and Communications; Computer science; Cryptography; Public-key cryptography; Hardware and Architecture; Overhead (computing); Database transaction; Protocol (object-oriented programming); Software; Computer network |
| Source | Future Generation Computer Systems, 125:32-40 |
| ISSN | 0167-739X |
| DOI | 10.1016/j.future.2021.06.034 |
| Abstract | The FIDO2 protocol allows users to perform online authentication by registering a public key, and it avoids the security shortcomings of the traditional password authentication mechanism. During transaction confirmation with the FIDO2 protocol, users must confirm the transaction message and then sign it using a cryptographic signature scheme. However, showing that transaction messages are correct or trusted is a challenge in practice: no available authenticator that supports the FIDO2 protocol uses trusted display hardware to guarantee the correctness of transaction messages. This paper proposes a trusted display of transaction messages by developing a lightweight trusted base on hardware without a trusted execution environment (TEE). The proposed trusted display is easily applied in the FIDO2 protocol and resists four types of well-known attacks, such as a malicious process tampering with the display or occupying the authenticator. The experimental results indicate that the improved FIDO2 protocol only slightly increases the processing overhead compared to the traditional protocol. |
| Database | OpenAIRE |