A Robust Mutual Authentication between User Devices and Relaying Server(FIDO Server) using Certificate Authority in FIDO Environments

Abstract

Recently, Biometrics is being magnified than ID or password about user authentication. However, unlike a PIN, password, and personal information there is no way to modify the exposure if it is exposed and used illegally. As FIDO(Fast IDentity Online) than existing server storing method, It stores a user's biometric information to the user device. And the user device authentication using the user's biometric information, the user equipment has been used a method to notify only the authentication result to the server FIDO. However, FIDO has no mutual authentication between the user device and the FIDO server. We use a Certificate Authority in order to mutually authenticate the user and the FIDO server. Thereby, we propose a more reliable method and compared this paper with existed methods about security analysis.