Daniel Waghubinger,
"Evaluating the Viability of WebAuthn Across Various Security Modes on Websites"
, 10-2024
Original title:
Evaluating the Viability of WebAuthn Across Various Security Modes on Websites
Language of the title:
English
Original abstract:
Authentication plays a critical role in ensuring the security and integrity of online services by verifying the identity of users. Traditionally, passwords have served as the most common form of authentication. Although in theory passwords can provide adequate security, in practice they often fall short due to user habits. Many users choose low-entropy passwords, reuse passwords across multiple platforms, or select nonrandom passwords, making their accounts more susceptible to compromise. This behavior weakens the security of authentication systems and requires the implementation of additional security measures.

Mode switching is one such measure that could improve the security of the authentication process. This is a technique in which the system can operate in different modes that each provide different levels of security. As such, the system may have a default mode that allows full operation of the system and a mode that restricts the system when, for example, an intruder is detected. In an authentication system, the default mode may be a password authentication mode, while the more restricted and secure mode may be implemented with WebAuthn, a web standard that allows passwordless authentication via cryptographic key-pairs.

In this master's thesis, a prototype featuring such a system is built in order to evaluate whether or not WebAuthn is a viable option to use as a security-focused mode in a mode-switching authentication system. For this, switching to the WebAuthn mode must provide an improvement in security over the password-based default mode, while also resulting in drawbacks on the usability side of the application. Otherwise, if there were no drawbacks, it would make more sense to implement WebAuthn as the default mode, with no switching.