{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,4]],"date-time":"2026-05-04T23:21:50Z","timestamp":1777936910804,"version":"3.51.4"},"publisher-location":"Cham","reference-count":36,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031171420","type":"print"},{"value":"9783031171437","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-17143-7_1","type":"book-chapter","created":{"date-parts":[[2022,9,23]],"date-time":"2022-09-23T04:04:22Z","timestamp":1663905862000},"page":"3-21","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":12,"title":["A Formal Analysis of\u00a0the\u00a0FIDO2 Protocols"],"prefix":"10.1007","author":[{"given":"Jingjing","family":"Guan","sequence":"first","affiliation":[]},{"given":"Hui","family":"Li","sequence":"additional","affiliation":[]},{"given":"Haisong","family":"Ye","sequence":"additional","affiliation":[]},{"given":"Ziming","family":"Zhao","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,9,24]]},"reference":[{"key":"1_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1007\/11513988_27","volume-title":"Computer Aided Verification","author":"A Armando","year":"2005","unstructured":"Armando, A., et al.: The AVISPA tool for the automated validation of internet security protocols and applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281\u2013285. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11513988_27"},{"key":"1_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/978-3-642-54862-8_3","volume-title":"Tools and Algorithms for the Construction and Analysis of Systems","author":"A Armando","year":"2014","unstructured":"Armando, A., Carbone, R., Compagna, L.: SATMC: a sat-based model checker for security-critical systems. In: \u00c1brah\u00e1m, E., Havelund, K. (eds.) TACAS 2014. LNCS, vol. 8413, pp. 31\u201345. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-642-54862-8_3"},{"key":"1_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"125","DOI":"10.1007\/978-3-030-84252-9_5","volume-title":"Advances in Cryptology \u2013 CRYPTO 2021","author":"M Barbosa","year":"2021","unstructured":"Barbosa, M., Boldyreva, A., Chen, S., Warinschi, B.: Provable security analysis of FIDO2. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021. LNCS, vol. 12827, pp. 125\u2013156. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-84252-9_5"},{"issue":"2","key":"1_CR4","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/2658996","volume":"17","author":"D Basin","year":"2014","unstructured":"Basin, D., Cremers, C.: Know your enemy: compromising adversaries in protocol analysis. ACM Trans. Inf. Syst. Secur. (TISSEC) 17(2), 1\u201331 (2014)","journal-title":"ACM Trans. Inf. Syst. Secur. (TISSEC)"},{"issue":"3","key":"1_CR5","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1007\/s10207-004-0055-7","volume":"4","author":"D Basin","year":"2004","unstructured":"Basin, D., M\u00f6dersheim, S., Vigan\u00f2, L.: OFMC: a symbolic model checker for security protocols. Int. J. Inf. Secur. 4(3), 181\u2013208 (2004). https:\/\/doi.org\/10.1007\/s10207-004-0055-7","journal-title":"Int. J. Inf. Secur."},{"key":"1_CR6","doi-asserted-by":"crossref","unstructured":"Bhargavan, K., Blanchet, B., Kobeissi, N.: Verified models and reference implementations for the TLS 1.3 standard candidate. In: IEEE Symposium on Security and Privacy (S &P), pp. 483\u2013502 (2017)","DOI":"10.1109\/SP.2017.26"},{"issue":"1\u20132","key":"1_CR7","first-page":"1","volume":"1","author":"B Blanchet","year":"2016","unstructured":"Blanchet, B.: Modeling and verifying security protocols with the applied pi calculus and ProVerif. Found. Trends Priv. Secur. 1(1\u20132), 1\u2013135 (2016)","journal-title":"Found. Trends Priv. Secur."},{"key":"1_CR8","doi-asserted-by":"crossref","unstructured":"Blanchet, B.: Symbolic and computational mechanized verification of the ARINC823 avionic protocols. In: IEEE Computer Security Foundations Symposium (CSF), pp. 68\u201382 (2017)","DOI":"10.1109\/CSF.2017.7"},{"key":"1_CR9","first-page":"721","volume":"2017","author":"D Chang","year":"2017","unstructured":"Chang, D., Mishra, S., Sanadhya, S.K., Singh, A.P.: On making U2F protocol leakage-resilient via re-keying. IACR Cryptol. ePrint Arch. 2017, 721 (2017)","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"1_CR10","doi-asserted-by":"crossref","unstructured":"Cheval, V., Kremer, S., Rakotonirina, I.: DEEPSEC: deciding equivalence properties in security protocols theory and practice. In: IEEE Symposium on Security and Privacy (S &P), pp. 529\u2013546 (2018)","DOI":"10.1109\/SP.2018.00033"},{"key":"1_CR11","doi-asserted-by":"crossref","unstructured":"Cremers, C.J.: Unbounded verification, falsification, and characterization of security protocols by pattern refinement. In: ACM Conference on Computer And Communications Security (CCS), pp. 119\u2013128 (2008)","DOI":"10.1145\/1455770.1455787"},{"key":"1_CR12","doi-asserted-by":"crossref","unstructured":"Feng, H., Li, H., Pan, X., Zhao, Z., Cactilab, T.: A formal analysis of the FIDO UAF protocol. In: Network and Distributed Systems Security Symposium (NDSS), pp. 1\u201315 (2021)","DOI":"10.14722\/ndss.2021.24363"},{"key":"1_CR13","unstructured":"FIDO Alliance: Universal 2nd factor U2F overview (2017). https:\/\/fidoalliance.org\/specs\/fido-u2f-v1.2-ps-20170411\/fido-u2f-overview-v1.2-ps-20170411.html"},{"key":"1_CR14","unstructured":"FIDO Alliance: CNET: password-free web security is coming to Chrome, Firefox, Edge (2018). https:\/\/fidoalliance.org\/cnet-password-free-web-security-is-coming-to-chrome-firefox-edge\/"},{"key":"1_CR15","unstructured":"FIDO Alliance: FIDO security reference 2018). https:\/\/fidoalliance.org\/specs\/fido-v2.0-id-20180227\/fido-security-ref-v2.0-id-20180227.html"},{"key":"1_CR16","unstructured":"FIDO Alliance: Client to authenticator protocol (CTAP) - proposed standard (2019). https:\/\/fidoalliance.org\/specs\/fido-v2.0-ps-20190130\/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html"},{"key":"1_CR17","unstructured":"FIDO Alliance: Microsoft achieves FIDO2 certification for Windows Hello (2019). https:\/\/fidoalliance.org\/microsoft-achieves-fido2-certification-for-windows-hello"},{"key":"1_CR18","unstructured":"FIDO Alliance: News: your Google Android 7+ phone is now a FIDO2 security key (2019). https:\/\/fidoalliance.org\/news-your-google-android-7-phone-is-now-a-fido2-security-key"},{"key":"1_CR19","unstructured":"FIDO Alliance: Expanded support for FIDO authentication in iOS and MacOS (Jul 2020), https:\/\/fidoalliance.org\/expanded-support-for-fido-authentication-in-ios-and-macos"},{"key":"1_CR20","unstructured":"FIDO Alliance: FIDO UAF protocol specification (2020). https:\/\/fidoalliance.org\/specs\/fido-uaf-v1.2-ps-20201020\/fido-uaf-protocol-v1.2-ps-20201020.html"},{"key":"1_CR21","unstructured":"Girol, G., Hirschi, L., Sasse, R., Jackson, D., Cremers, C., Basin, D.: A spectral analysis of noise: a comprehensive, automated, formal analysis of Diffie-Hellman protocols. In: USENIX Security Symposium (2020)"},{"issue":"3\u20134","key":"1_CR22","doi-asserted-by":"publisher","first-page":"435","DOI":"10.3233\/JCS-2004-123-406","volume":"12","author":"AD Gordon","year":"2004","unstructured":"Gordon, A.D., Jeffrey, A.: Types and effects for asymmetric cryptographic protocols. J. Comput Secur. (JCS) 12(3\u20134), 435\u2013483 (2004)","journal-title":"J. Comput Secur. (JCS)"},{"key":"1_CR23","doi-asserted-by":"crossref","unstructured":"Guirat, I.B., Halpin, H.: Formal verification of the W3C web authentication protocol. In: Annual Symposium and Bootcamp on Hot Topics in the Science of Security (HoTSoS), pp. 1\u201310 (2018)","DOI":"10.1145\/3190619.3190640"},{"key":"1_CR24","doi-asserted-by":"crossref","unstructured":"Hirschi, L., Cremers, C.: Improving automated symbolic analysis of ballot secrecy for e-voting protocols: A method based on sufficient conditions. In: IEEE European Symposium on Security and Privacy (EuroS &P), pp. 635\u2013650 (2019)","DOI":"10.1109\/EuroSP.2019.00052"},{"issue":"12","key":"1_CR25","doi-asserted-by":"publisher","first-page":"189","DOI":"10.1109\/CC.2016.7897543","volume":"13","author":"K Hu","year":"2016","unstructured":"Hu, K., Zhang, Z.: Security analysis of an attractive online authentication standard: FIDO UAF protocol. Chin. Commun. 13(12), 189\u2013198 (2016)","journal-title":"Chin. Commun."},{"issue":"2","key":"1_CR26","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3440712","volume":"24","author":"C Jacomme","year":"2021","unstructured":"Jacomme, C., Kremer, S.: An extensive formal analysis of multi-factor authentication protocols. ACM Trans. Priv. Secur. (TOPS) 24(2), 1\u201334 (2021)","journal-title":"ACM Trans. Priv. Secur. (TOPS)"},{"key":"1_CR27","unstructured":"Leoutsarakos, N.: What\u2019s wrong with FIDO? https:\/\/zeropasswords.com\/pdfs\/WHATisWRONG_FIDO.pdf (2011)"},{"key":"1_CR28","doi-asserted-by":"publisher","unstructured":"Loutfi, I., J\u00f8sang, A.: FIDO trust requirements. In: Buchegger, S., Dam, M. (eds.) Secure IT Systems. LNCS, vol 9417, pp. 139\u2013155. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-26502-5_10","DOI":"10.1007\/978-3-319-26502-5_10"},{"key":"1_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"147","DOI":"10.1007\/3-540-61042-1_43","volume-title":"Tools and Algorithms for the Construction and Analysis of Systems","author":"G Lowe","year":"1996","unstructured":"Lowe, G.: Breaking and fixing the Needham-Schroeder public-key protocol using FDR. In: Margaria, T., Steffen, B. (eds.) TACAS 1996. LNCS, vol. 1055, pp. 147\u2013166. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-61042-1_43"},{"key":"1_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"696","DOI":"10.1007\/978-3-642-39799-8_48","volume-title":"Computer Aided Verification","author":"S Meier","year":"2013","unstructured":"Meier, S., Schmidt, B., Cremers, C., Basin, D.: The TAMARIN prover for the symbolic analysis of security protocols. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 696\u2013701. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-39799-8_48"},{"key":"1_CR31","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1007\/978-3-319-67639-5_11","volume-title":"Digital Communication. Towards a Smart and Secure Future Internet","author":"C Panos","year":"2017","unstructured":"Panos, C., Malliaros, S., Ntantogian, C., Panou, A., Xenakis, C.: A security evaluation of Fido\u2019s uaf protocol in mobile and embedded devices. In: Piva, A., Tinnirello, I., Morosi, S. (eds.) TIWDC 2017. CCIS, vol. 766, pp. 127\u2013142. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-67639-5_11"},{"key":"1_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"68","DOI":"10.1007\/978-3-319-75650-9_5","volume-title":"Foundations and Practice of Security","author":"O Pereira","year":"2018","unstructured":"Pereira, O., Rochet, F., Wiedling, C.: Formal analysis of the FIDO 1.x protocol. In: Imine, A., Fernandez, J.M., Marion, J.-Y., Logrippo, L., Garcia-Alfaro, J. (eds.) FPS 2017. LNCS, vol. 10723, pp. 68\u201382. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-75650-9_5"},{"key":"1_CR33","unstructured":"Standards for Efficient Cryptography Group: SEC 1: Elliptic curve cryptography version 2.0, standards for efficient cryptography (2009). https:\/\/www.secg.org\/sec1-v2.pdf"},{"key":"1_CR34","doi-asserted-by":"crossref","unstructured":"Turuani, M.: The CL-Atse protocol analyser. In: International Conference on Rewriting Techniques and Applications (RTA). pp. 277\u2013286. Springer (2006)","DOI":"10.1007\/11805618_21"},{"key":"1_CR35","unstructured":"W3C: Web authentication: An API for accessing public key credentials level 2 (2021). https:\/\/www.w3.org\/TR\/webauthn-2\/"},{"key":"1_CR36","unstructured":"Wang, Y., Zhang, Z., Xie, Y.: Privacy-preserving and standard-compatible AKA protocol for 5G. In: USENIX Security Symposium, pp. 3595\u20133612 (2021)"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2022"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-17143-7_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,9,23]],"date-time":"2022-09-23T04:04:47Z","timestamp":1663905887000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-17143-7_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031171420","9783031171437"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-17143-7_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"24 September 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Copenhagen","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Denmark","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 September 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 September 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2022.compute.dtu.dk\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"562","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"104","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"6","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"19% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}