EAP-FIDO: A Novel EAP Method for Using FIDO2 Credentials for Network Authentication

• URL: http://arxiv.org/abs/2412.03277v1
• Date: Wed, 04 Dec 2024 12:35:30 GMT
• Title: EAP-FIDO: A Novel EAP Method for Using FIDO2 Credentials for Network Authentication
• Authors: Martiño Rivera-Dourado, Christos Xenakis, Alejandro Pazos, Jose Vázquez-Naya,
• Abstract summary: EAP-FIDO allows organisations with WPA2/3-Enterprise wireless networks or MACSec-enabled wired networks to leverage FIDO2's passwordless authentication. We provide a comprehensive security and performance analysis to support the feasibility of this approach.
• Score: 43.91777308855348
• License:
• Abstract: The adoption of FIDO2 authentication by major tech companies in web applications has grown significantly in recent years. However, we argue FIDO2 has broader potential applications. In this paper, we introduce EAP-FIDO, a novel Extensible Authentication Protocol (EAP) method for use in IEEE 802.1X-protected networks. This allows organisations with WPA2/3-Enterprise wireless networks or MACSec-enabled wired networks to leverage FIDO2's passwordless authentication in compliance with existing standards. Additionally, we provide a comprehensive security and performance analysis to support the feasibility of this approach.

Related papers

• 2FA: Navigating the Challenges and Solutions for Inclusive Access [55.2480439325792]
  Two-Factor Authentication (2FA) has emerged as a critical solution to protect online activities. This paper examines the intricacies of deploying 2FA in a way that is secure and accessible to all users. An analysis was conducted to examine the implementation and availability of various 2FA methods across popular online platforms.
  arXiv  Detail & Related papers  (2025-02-17T12:23:53Z)
• AEAKA: An Adaptive and Efficient Authentication and Key Agreement Scheme for IoT in Cloud-Edge-Device Collaborative Environments [7.106119177152857]
  We propose an adaptive and efficient authentication and key agreement scheme (AEAKA) for Cloud-Edge-Device IoT environments. AEAKA is highly adaptive and scalable, capable of automatically and dynamically initiating different authentication methods based on device requirements. It employs an edge-assisted authentication approach to reduce the load on third-party trust authorities.
  arXiv  Detail & Related papers  (2024-11-14T06:55:27Z)
• SoK: Web Authentication in the Age of End-to-End Encryption [9.053236170794579]
  E2EE messaging and backup services have brought new challenges for usable authentication. passwordless authentication ("passkeys") has become a promising candidate to replace passwords altogether. E2EE authentication quickly becomes relevant not only for a niche group of dedicated E2EE enthusiasts but for the general public.
  arXiv  Detail & Related papers  (2024-06-26T10:23:58Z)
• A Novel Protocol Using Captive Portals for FIDO2 Network Authentication [45.84205238554709]
  We introduce FIDO2CAP: FIDO2 Captive-portal Authentication Protocol. We develop a prototype of FIDO2CAP authentication in a mock scenario. This work makes the first systematic approach for adapting network authentication to the new authentication paradigm relying on FIDO2 authentication.
  arXiv  Detail & Related papers  (2024-02-20T09:55:20Z)
• Tamper-Evident Pairing [55.2480439325792]
  Tamper-Evident Pairing (TEP) is an improvement of the Push-Button configuration (PBC) standard. TEP relies on the Tamper-Evident Announcement (TEA), which guarantees that an adversary can neither tamper a transmitted message without being detected, nor hide the fact that the message has been sent. This paper provides a comprehensive overview of the TEP protocol, including all information needed to understand how it works.
  arXiv  Detail & Related papers  (2023-11-24T18:54:00Z)
• When Authentication Is Not Enough: On the Security of Behavioral-Based Driver Authentication Systems [53.2306792009435]
  We develop two lightweight driver authentication systems based on Random Forest and Recurrent Neural Network architectures. We are the first to propose attacks against these systems by developing two novel evasion attacks, SMARTCAN and GANCAN. Through our contributions, we aid practitioners in safely adopting these systems, help reduce car thefts, and enhance driver security.
  arXiv  Detail & Related papers  (2023-06-09T14:33:26Z)
• Zero-Effort Two-Factor Authentication Using Wi-Fi Radio Wave Transmission and Machine Learning [0.0]
  This paper presents a novel zero-effort two-factor authentication (2FA) approach that combines the unique characteristics of a users environment and Machine Learning (ML) to confirm their identity. A prototype was developed using Raspberry Pi devices and experiments were conducted to demonstrate the effectiveness and practicality of the proposed approach. The proposed system holds great promise in revolutionizing the field of 2FA and user authentication, offering a new era of secure and seamless access to sensitive information.
  arXiv  Detail & Related papers  (2023-03-04T21:04:10Z)
• NAS-FAS: Static-Dynamic Central Difference Network Search for Face Anti-Spoofing [94.89405915373857]
  Face anti-spoofing (FAS) plays a vital role in securing face recognition systems. Existing methods rely on expert-designed networks, which may lead to a sub-optimal solution for task FAS. Here we propose the first FAS method based on neural search (NAS), called FAS-FAS, to discover the well-suited task-aware networks.
  arXiv  Detail & Related papers  (2020-11-03T23:34:40Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.