Overview#FIDO Authenticator is an Authenticator for FIDO protocols
FIDO Authenticator requires a FIDO Client.
FIDO Authenticator needs to be able to:
- generate Cryptographic Key pairs securely
- store Cryptographic Key
- MUST include a cryptographic engine that includes a Cryptographically secure pseudorandom number generator that can operate on the stored keys.
Key generation places a high load on computing resources, especially in the case of general purpose CPUs.
Smart Card technology is purpose-built to perform key pair generation quickly, with low power consumption. Because Smart Card technology uses a Secure Element, key pair generation is performed securely and is efficiently protected, even from advanced attacks. Smart Card technology protects Private Keys in hardware with interaction restricted to a limited set of commands and responses.Metadata properties of the FIDO Authenticator a mds.fidoaliance.org which is a JWT that describes various aspects of the particular FIDO Authenticator
More Information#There might be more information for this subject on one of the following:
- Client To Authenticator Protocol
- FIDO Alliance Metadata Service
- FIDO Client
- FIDO Standards
- Security Key
- U2F device
- Universal Authentication Framework
- Universal Second Factor