Proof-of-Possession

Overview

Proof-of-Possession (PoP) is an assertion in which the presenter presents some Cryptographic Key, Security Token or Secret.

Proof-of-Possession implies a Possession Factor, as used to Authenticate, and is often used in Multi-Factor Authentication.

Proof-of-Possession refers to Cryptographic methods that mitigate the risk of Security Tokens being stolen and used by an attacker. In contrast to 'Bearer Tokens', where mere possession of the Security Token allows the attacker to use it, a PoP Security Token cannot be used so easily: the attacker MUST have both the token itself and access to some key associated with the token, which is why such tokens are sometimes referred to as 'Holder-of-Key' (HoK) tokens.

PoP describes a general security characteristic of a Secret - there are different ways to achieve that characteristic.
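One way to obtain the characteristic described above, as an added example (not code from this page or from any specification): a token bound to a per-token symmetric key, where the holder answers a verifier-chosen challenge with an HMAC. The names `issue`, `prove`, `verify`, `ISSUER_KEY` and the token layout are hypothetical; it assumes the issuer and verifier are the same party and that the key reaches the holder over a protected channel.

```python
import hashlib
import hmac
import json
import secrets

ISSUER_KEY = secrets.token_bytes(32)  # constructed; held by the issuer/verifier only


def _mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()


def _pop_key(jti):
    # Per-token key, re-derived by the verifier; it never appears in the token.
    return _mac(ISSUER_KEY, b"pop-key:" + jti.encode())


def issue(subject, pop):
    """Return (token, key); key is None for a bearer token."""
    claims = {"sub": subject, "jti": secrets.token_hex(8), "pop": pop}
    body = json.dumps(claims, sort_keys=True)
    token = body + "." + _mac(ISSUER_KEY, body.encode()).hex()
    return token, (_pop_key(claims["jti"]) if pop else None)


def prove(key, challenge):
    """Holder side: show possession of the key without sending the key."""
    return _mac(key, challenge)


def verify(token, challenge=b"", proof=b""):
    """Return the subject if accepted, else None. challenge must be fresh per request."""
    body, _, tag = token.rpartition(".")
    good = _mac(ISSUER_KEY, body.encode()).hex()
    if not hmac.compare_digest(tag.encode(), good.encode()):
        return None  # token forged or altered
    claims = json.loads(body)
    if claims["pop"]:
        expected = _mac(_pop_key(claims["jti"]), challenge)
        if not hmac.compare_digest(proof, expected):
            return None  # token presented without its associated key
    return claims["sub"]


if __name__ == "__main__":
    token, key = issue("alice", pop=True)
    nonce = secrets.token_bytes(16)  # verifier-chosen challenge
    print("holder:", verify(token, nonce, prove(key, nonce)))
    print("token only:", verify(token, nonce))
```

A bearer token issued with `pop=False` is accepted by `verify` from whoever presents it, which is the contrast the paragraph above draws.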
