FIDO (Fast Identity Online)
- Uses a public/private key pair generated when the device is added for 2FA
- SSH key in FIDO: https://gist.github.com/Kranzes/be4fffba5da3799ee93134dc68a4c67b
FIDO 1.0
FIDO UAF (Universal Authentication Framework)
Registration:
- The website/software asks the device to create a private/public key pair
- The Public Key is sent to the server
Authentication:
- The device verifies the owner with a PIN, touch or biometrics.
- It then signs the challenge, and the signature is sent to the server.
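
The registration and authentication steps above, sketched as an added example (not code from these notes or from any FIDO implementation). The `Device` and `Server` classes, the `demo` function and the `example.test` site name are hypothetical; a real authenticator signs more than the bare challenge.

```javascript
// Added illustration of the UAF registration/authentication flow; not a real FIDO stack.
const crypto = require('node:crypto');

// Hypothetical authenticator: the private key never leaves this object.
class Device {
  constructor() { this.keys = new Map(); }
  register(site) {
    const { publicKey, privateKey } =
      crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
    this.keys.set(site, privateKey);
    return publicKey.export({ type: 'spki', format: 'pem' }); // only this is sent out
  }
  sign(site, challenge, userVerified) {
    // The PIN, touch or biometric check happens locally, before any signing.
    if (!userVerified) throw new Error('user verification failed');
    const key = this.keys.get(site);
    if (!key) throw new Error('no key registered for ' + site);
    return crypto.sign('sha256', challenge, key);
  }
}

// Hypothetical server: stores public keys and one pending challenge per user.
class Server {
  constructor() { this.pubKeys = new Map(); this.pending = new Map(); }
  enroll(user, publicKeyPem) { this.pubKeys.set(user, publicKeyPem); }
  newChallenge(user) {
    const challenge = crypto.randomBytes(32); // fresh random value per login
    this.pending.set(user, challenge);
    return challenge;
  }
  verify(user, signature) {
    const challenge = this.pending.get(user);
    this.pending.delete(user); // single use, so a replayed signature fails
    const pem = this.pubKeys.get(user);
    if (!challenge || !pem) return false;
    return crypto.verify('sha256', challenge, pem, signature);
  }
}

function demo() {
  const device = new Device(), server = new Server();
  server.enroll('alice', device.register('example.test'));          // registration
  const sig = device.sign('example.test', server.newChallenge('alice'), true);
  const first = server.verify('alice', sig);   // valid login
  const replay = server.verify('alice', sig);  // challenge already consumed
  server.newChallenge('alice');
  const stale = server.verify('alice', sig);   // old signature, fresh challenge
  return { first, replay, stale };
}
```
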
FIDO U2F (Universal Second Factor)
FIDO2
- New Protocol
- Can be used for passwordless authentication
Web Authentication (WebAuthn)
[See Webauthn](/Web Exploitation/Auth/WebAuthn.md)
CTAP1 (Client to Authenticator Protocol)
CTAP2 (Client to Authenticator Protocol 2)
- This is the protocol that the YubiKey uses to communicate with the computer.
- Usually over USB, NFC or Bluetooth