CIS14: Bringing Crypto Back: Web Authentication without Bearer Tokens
28
-
Upload
cloudidsummit -
Category
Technology
-
view
535 -
download
1
description
Dirk Balfanz and Adam Dawes, Google A discussion of two efforts at Google, both designed to incrementally add public-key cryptography to existing authentication mechanisms—one aimed at cookies, and one aimed at passwords—that offer the security of public-key-based challenge-response protocols without getting rid of cookies or passwords.