Skip to content

v1.0.0 Release Notes - June 16, 2020

Latest
Compare
Choose a tag to compare
@jacobgershon jacobgershon released this 16 Jun 11:50

U2F authentication library

This is a simple library to register and check signatures provided by U2F clients/devices.
It's intended to be used in Relying Parties - websites that want to add U2F 2-factor authentication
for their users.

We implement this method for Claim & Deposit Transaction on akaChain network

To use U2F, it is recommended to familiarize yourself with FIDO Alliance Specifications,
although basic usage is shown below.

U2F Overview/properties

  • U2F provides hardware-based 2-nd factor authentication system. Public/private key infrastructure is used
    to ensure good security.
  • Provides proof of posession of hardware key, plus user presence flag.
  • Public/private key pairs are specific to website origin and 'application id'. Keys are useless if used from
    other origins.
  • Needs to be stored on server for each user: Key handle and public key (both strings).
  • Cannot be used as main authentication system because server needs to provide
    unique key handle to the user to get the signature.