Paper at ESORICS 2022 in Copenhagen
28 September 2022
This week our paper "Unlinkable Delegation of WebAuthn Credentials" was presented at the 27th European Symposium on Research in Computer Security (ESORICS 2022) in Copenhagen, Denmark. The talk was delivered by Nick Frymann, an external PhD student of Prof. Manulis at the University of Surrey, UK.
This paper builds on our earlier work on Asynchronous Remote Key Generation (ARKG), a new primitive for generation of cryptographic key pairs, developed in collaboration with Yubico in 2020. We showed how ARKG can be used to enable delegation of credentials for WebAuthn protected accounts by account owners to their proxies in a way that is controllable and preserves the original security and privacy properties of the WebAuthn standard.
WebAuthn is a new standard for web authentication that is expected to replace passwords and other insecure authentication methods by adopting digital signatures and security keys.