Utilising an Android smartphone as a key store for Web Authentication
This report shows how an Android smartphone can be used as a secure keystore for Web Authentication on the desktop. For this purpose, a secure channel is established between the smartphone and the computer. An application on the Android smartphone manages the creation and usage of the key material. When registering with a web service, the key material is created inside the secure hardware of the smartphone. As a result, the key material cannot be extracted even on compromised smartphones. The usage of the key material for authentication is confirmed by the user via biometric authentication.
Downloads
| File | Description | File size |
|---|---|---|
Project Report (DE)
|
|
915 KB |