ANALISIS DAN IMPLEMENTASI PROTOKOL OTENTIKASI FIDO U2F
Abstrak: It is known that
password itself is not enoughfor formidable authentication method since it has
a lot of vulnerabilities. Multi factor authentication (MFA) is introduced for
the next generation for good authenticationto address that issue. MFA combines
two or more of three principles of good
security, “something you know”, “something you have”, and “something you are”.
Most MFA mechanisms work as one time passwords (OTP). However, they can still
be vulnerable to phishing and MiTM attack. On top of that, OTP can be hard to
use as it requires user to input another password given by the device(SMS,
token, authenticator). Implemented in small USB U2F device, FIDO U2F delivers easier yet
stronger security on authentication process which implements public key
cryptography, challenge-response protocol, and phishing and MitM protection.
Penulis: Sunderi Pranata,
Hargyo Tri Nugroho, Hirofumi Yamaki
Kode Jurnal: jptkomputerdd170298