FIDO2 and WebAuthn

FIDO2 is an authentication standard developed by the FIDO Alliance that enables passwordless authentication using public key cryptography.

FIDO2 authentication provides:

  • No passwords - Public key cryptography replaces shared secrets

  • Phishing resistant - Origin binding prevents credential theft

  • Privacy preserving - No tracking between services

  • Strong authentication - Hardware-backed security

It consists of two components:

  1. WebAuthn: W3C web standard for browser-based authentication

  2. CTAP2: Client to Authenticator Protocol for communication with hardware authenticators

The Arculus FIDO2 Server implements the server-side components of these standards.

How FIDO2 Works

Key Concepts

Relying Party (RP)

The relying party is your application or service that wants to authenticate users. The RP is identified by:

  • RP ID: The domain name of your service (e.g., example.com)

  • RP Name: Human-readable name displayed to users

The RP ID must match the origin of the authentication request for security.

Authenticator

An authenticator is a hardware or software component that:

  • Generates and stores cryptographic key pairs

  • Performs user verification (PIN, biometric)

  • Signs authentication challenges

Types of Authenticators:

| Type | Description | Examples |
|---|---|---|
| Platform | Built into device | Touch ID, Face ID, Windows Hello |
| Cross-Platform | External, portable | Arculus Card, YubiKey, security keys |

Credential

A credential is a public/private key pair registered with a relying party:

  • Private Key: Stored securely on the authenticator (never leaves device)

  • Public Key: Stored on the server for verification

  • Credential ID: Unique identifier for the credential

Authenticator Data

The authenticator data is a binary structure returned during registration and authentication.

Structure

Flags

| Flag | Bit | Name | Description |
|---|---|---|---|
| UP | 0x01 | User Present | User was present during operation |
| UV | 0x04 | User Verified | User was verified (PIN/biometric) |
| BE | 0x08 | Backup Eligible | Credential can be backed up |
| BS | 0x10 | Backup State | Credential is currently backed up |
| AT | 0x40 | Attested | Contains attested credential data |
| ED | 0x80 | Extension Data | Contains extension data |

Counter

The signature counter is a 32-bit unsigned integer that:

  • Increments with each authentication

  • Helps detect cloned authenticators

  • Should always increase; a decrease indicates potential cloning

Attested Credential Data

During registration, the authenticator returns attested credential data containing:

Structure

AAGUID

The Authenticator Attestation GUID (AAGUID) is a 128-bit identifier that:

  • Identifies the authenticator model

  • Is used for metadata lookup (MDS)

  • Is all zeros when the authenticator provides no identification

Arculus Card AAGUID: Registered with FIDO Alliance MDS
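
As an added example (not Arculus FIDO2 Server code), the following Python parses the layout defined by the WebAuthn specification: a 32-byte SHA-256 hash of the RP ID, the flags byte, the big-endian 32-bit counter and, when AT is set, the AAGUID and credential ID. It then applies the checks described under Flags and Counter. The function names, the `example.com` RP ID and the sample bytes are assumptions constructed for illustration.

```python
import hashlib
import struct
import uuid

# Flag masks from the Flags table above.
FLAGS = {"UP": 0x01, "UV": 0x04, "BE": 0x08, "BS": 0x10, "AT": 0x40, "ED": 0x80}


def parse_authenticator_data(data: bytes) -> dict:
    """Split authenticator data into the 37-byte header and, if AT is set, the attested part."""
    if len(data) < 37:
        raise ValueError("shorter than the 37-byte header")
    rp_id_hash, flag_byte, sign_count = struct.unpack(">32sBI", data[:37])
    flags = {name for name, mask in FLAGS.items() if flag_byte & mask}
    parsed = {"rp_id_hash": rp_id_hash, "flags": flags, "sign_count": sign_count}
    if "AT" in flags:
        cred_len = int.from_bytes(data[53:55], "big")
        if len(data) < 55 or len(data) < 55 + cred_len:
            raise ValueError("AT set but attested credential data is truncated")
        parsed["aaguid"] = uuid.UUID(bytes=data[37:53])
        parsed["credential_id"] = data[55:55 + cred_len]
        parsed["rest"] = data[55 + cred_len:]  # CBOR COSE key (+ extensions), not decoded
    return parsed


def check_assertion(parsed, rp_id, stored_count, require_uv=True):
    """Return a list of policy failures; an empty list means acceptable."""
    problems = []
    if parsed["rp_id_hash"] != hashlib.sha256(rp_id.encode()).digest():
        problems.append("rp_id_hash mismatch")
    if "UP" not in parsed["flags"]:
        problems.append("user not present")
    if require_uv and "UV" not in parsed["flags"]:
        problems.append("user not verified")
    # Both counters at 0 means the authenticator does not implement a counter.
    if (parsed["sign_count"] or stored_count) and parsed["sign_count"] <= stored_count:
        problems.append("counter did not increase (possible clone)")
    return problems


# Constructed sample: rpIdHash of example.com, flags UP|UV|AT (0x45), counter 7,
# all-zero AAGUID, 4-byte credential ID, one placeholder byte where the COSE key goes.
SAMPLE = (hashlib.sha256(b"example.com").digest() + bytes([0x45])
          + struct.pack(">I", 7) + bytes(16) + struct.pack(">H", 4)
          + b"\xde\xad\xbe\xef" + b"\xa0")

if __name__ == "__main__":
    print(check_assertion(parse_authenticator_data(SAMPLE), "example.com", 6))
```

On success the server stores the new counter value so the next assertion is compared against it.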

Attestation

Attestation provides cryptographic proof about the authenticator during registration.

Attestation Types

| Type | Description | Use Case |
|---|---|---|
| none | No attestation, privacy-preserving | General consumer use |
| direct | Full authenticator attestation | Enterprise, high-security |
| indirect | Anonymized attestation | Balance of privacy and trust |

Attestation Formats

| Format | Description |
|---|---|
| packed | Standard WebAuthn attestation format |
| tpm | TPM-based attestation |
| android-key | Android Keystore attestation |
| android-safetynet | Android SafetyNet attestation |
| fido-u2f | Legacy FIDO U2F format |
| none | No attestation statement |

User Verification

User verification ensures the person using the authenticator is authorized.

Levels

| Level | Description | When to Use |
|---|---|---|
| discouraged | Skip verification | Low-security, convenience-focused |
| preferred | Verify if possible | Balanced security (default) |
| required | Must verify | High-security applications |

Verification Methods

  • PIN: 4-8 digit code entered on device

  • Biometric: Fingerprint, face recognition

  • Pattern: Screen unlock pattern

Discoverable Credentials (Resident Keys)

Discoverable credentials are stored on the authenticator and can be used without providing a credential ID.

Benefits

  • Enables truly passwordless authentication

  • No need to remember usernames

  • User selects from available credentials

Considerations

  • Limited storage on some authenticators

  • May require authenticator management

COSE Algorithms

Credentials use COSE (CBOR Object Signing and Encryption) algorithms.

Supported Algorithms

| Name | COSE ID | Description |
|---|---|---|
| ES256 | -7 | ECDSA with P-256 and SHA-256 |
| RS256 | -257 | RSASSA-PKCS1-v1_5 with SHA-256 |
| EdDSA | -8 | Edwards-curve Digital Signature Algorithm |

The Arculus FIDO2 Server supports ES256 and RS256 by default.

Extensions

WebAuthn extensions provide additional functionality.

Common Extensions

| Extension | Description |
|---|---|
| credProtect | Credential protection level |
| appid | Legacy U2F application ID |
| largeBlob | Store data on authenticator |
| minPinLength | Minimum PIN length requirement |

Security Properties

What FIDO2 Protects Against

| Attack | Protection |
|---|---|
| Phishing | Origin binding prevents cross-site attacks |
| Man-in-the-Middle | Challenge-response prevents replay |
| Password Reuse | No shared secrets |
| Credential Theft | Private keys never leave authenticator |
| Server Breach | Only public keys stored on server |
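
An added example, not taken from the Arculus FIDO2 Server, of how a relying party enforces the origin-binding and challenge-response rows above: it validates the client data JSON that the browser returns with each WebAuthn response. The function names, the `https://example.com` origin and the sample challenge are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json


def b64url_decode(text: str) -> bytes:
    """Decode unpadded base64url, as used for the challenge in client data."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def verify_client_data(client_data_json, expected_type, issued_challenge, allowed_origins):
    """Check type, challenge and origin; return SHA-256 of the client data.

    The returned hash is what the authenticator signs together with the
    authenticator data, so it feeds the signature check that follows.
    """
    client = json.loads(client_data_json)
    if not isinstance(client, dict) or client.get("type") != expected_type:
        raise ValueError("unexpected ceremony type")
    challenge = client.get("challenge")
    # The caller must discard issued_challenge after one use so a captured
    # response cannot be submitted a second time.
    if not isinstance(challenge, str) or not hmac.compare_digest(
            b64url_decode(challenge), issued_challenge):
        raise ValueError("challenge mismatch")
    origin = client.get("origin")
    if not isinstance(origin, str) or origin not in allowed_origins:
        raise ValueError("origin not allowed")
    return hashlib.sha256(client_data_json).digest()


# Constructed sample: a 16-byte challenge the server issued and the client data
# a browser on https://example.com would return for an authentication ceremony.
CHALLENGE = bytes(range(16))
CLIENT_DATA = json.dumps({
    "type": "webauthn.get",
    "challenge": base64.urlsafe_b64encode(CHALLENGE).rstrip(b"=").decode(),
    "origin": "https://example.com",
}).encode()

if __name__ == "__main__":
    print(verify_client_data(CLIENT_DATA, "webauthn.get", CHALLENGE,
                             {"https://example.com"}).hex())
```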

What Remains Your Responsibility

  • Secure session management after authentication

  • Proper TLS configuration

  • Account recovery mechanisms

  • Authenticator loss procedures

WebAuthn API Overview

Registration (navigator.credentials.create)

Authentication (navigator.credentials.get)
