The FIDO2 protocol allows users to perform online authentication by registering a public key, avoiding the security shortcomings of traditional password-based authentication. During transaction confirmation with the FIDO2 protocol, the user must confirm the transaction message and then sign it using a cryptographic signature scheme. In practice, however, it is a challenge to show that the transaction message being signed is correct or trusted. No available authenticator that supports the FIDO2 protocol uses trusted display hardware to guarantee the correctness of transaction messages. This paper proposes a trusted display for transaction messages, built on a lightweight trusted base on hardware without a trusted execution environment (TEE). The proposed trusted display is easily applied to the FIDO2 protocol and resists four types of well-known attacks, such as a malicious process tampering with the display or occupying the authenticator. The experimental results indicate that the improved FIDO2 protocol only slightly increases processing overhead compared to the traditional protocol.