Passwordless Authentication System Using TKey
Ladda ner
Publicerad
Typ
Examensarbete på kandidatnivå
Bachelor Thesis
Bachelor Thesis
Program
Modellbyggare
Tidskriftstitel
ISSN
Volymtitel
Utgivare
Sammanfattning
Threats targeting authentication systems are becoming more widespread in the current
digital landscape, and passwords are challenged in their role as the dominant
authentication method due to poor user habits and cognitive limitations. This thesis
describes the design and implementation of a passwordless authentication system
developed in Python and Go for a simple web application and proxy server.
A two-factor authentication system was implemented utilizing a TKey (Chalmers
version) from Tillitis AB with Ed25519 signing, as well as Time-based One-Time
Password (TOTP) functionality. Additionally, a recovery mechanism was implemented
that utilizes mnemonic phrases to handle the loss of a TKey. The project
explores the possibilities of passwordless authentication using a TKey, and in the
broader sense hardware-based authentication. It demonstrates that hardware-based
authentication schemes relying on cryptographic signatures are effective candidates
for tomorrow’s authentication systems.
Beskrivning
Ämne/nyckelord
Cybersecurity, Cryptography, Authentication, Hardware-based authentication
