Analisis dan Implementasi Protokol Otentikasi FIDO U2F

Sunderi Pranata; Hargyo Tri Nugroho; Hirofumi Yamaki

doi:10.31937/sk.v9i1.571

Analisis dan Implementasi Protokol Otentikasi FIDO U2F

Sunderi Pranata Universitas Multimedia Nusantara
Hargyo Tri Nugroho Universitas Multimedia Nusantara
Hirofumi Yamaki Tokyo Denki University

DOI: https://doi.org/10.31937/sk.v9i1.571

Abstract

It is known that password itself is not enough for formidable authentication method since it has a lot of vulnerabilities. Multi factor authentication (MFA) is introduced for the next generation for good authentication to address that issue. MFA combines two or more of three principles of good security, “something you know”, “something you have”, and “something you are”. Most MFA mechanisms work as one time passwords (OTP). However, they can still be vulnerable to phishing and MiTM attack. On top of that, OTP can be hard to use as it requires user to input another password given by the device (SMS, token, authenticator). Implemented in small USB U2F device, FIDO U2F delivers easier yet stronger security on authentication process which implements public key cryptography, challenge-response protocol, and phishing and MitM protection.

Index Terms— Authentication protocol, FIDO U2F, Multi factor authentication, OTP

Downloads

Download data is not yet available.

Published

2017-06-16

How to Cite

Pranata, S., Nugroho, H., & Yamaki, H. (2017). Analisis dan Implementasi Protokol Otentikasi FIDO U2F. Ultima Computing : Jurnal Sistem Komputer, 9(1), 30-35. https://doi.org/https://doi.org/10.31937/sk.v9i1.571

Download Citation

Issue

Vol 9 No 1 (2017): Ultima Computing : Jurnal Sistem Komputer

Section

Articles

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution-ShareAlike International License (CC-BY-SA 4.0) that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.

Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgment of its initial publication in this journal.

Copyright without Restrictions

The journal allows the author(s) to hold the copyright without restrictions and will retain publishing rights without restrictions.

The submitted papers are assumed to contain no proprietary material unprotected by patent or patent application; responsibility for technical content and for protection of proprietary material rests solely with the author(s) and their organizations and is not the responsibility of the ULTIMA Computing or its Editorial Staff. The main (first/corresponding) author is responsible for ensuring that the article has been seen and approved by all the other authors. It is the responsibility of the author to obtain all necessary copyright release permissions for the use of any copyrighted materials in the manuscript prior to the submission.