pith.

arxiv: 2604.20826 · v1 · submitted 2026-04-22 · 💻 cs.CR

An Analysis of Attack Vectors Against FIDO2 Authentication

Pith reviewed 2026-05-10 00:07 UTC · model grok-4.3

classification 💻 cs.CR
keywords FIDO2 · passkeys · phishing attacks · authentication · attack vectors · asymmetric cryptography · authenticator security

The pith

Successful attacks on passkeys require substantial effort and resources, largely upholding their phishing resistance.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

This paper tests the phishing-resistance claim of FIDO2 passkeys by reviewing existing attack methods and implementing two new ones. One attack corrupts the authenticator so that it generates keys known to the attacker. The other spoofs a target site by adding an attacker-controlled certificate authority to the browser's trust store, intercepting the victim's traffic to that site, and relaying a legitimate server challenge for the user to sign; the attacker then submits the resulting signature to authenticate as the victim. Evaluation shows both succeed only when the attacker invests significant resources and effort, in particular control over the victim's device or its local trust configuration. This matters because passwords are easily phished at scale, while passkeys could raise the cost of credential theft for everyday users and services if the resistance holds.

Core claim

Passkeys rely on asymmetric cryptography: a private key stays on the user's authenticator device and the server holds the matching public key; the server issues a challenge that the device signs, and the browser binds that signature to the origin it observes and to the registered relying-party identifier. The paper reviews prior attack vectors and details two implemented attacks: the Infected Authenticator attack, which places attacker-known keys on a compromised device, and the Authenticator Deception attack, which adds an attacker-controlled certificate authority to the browser's trust store so that an attacker-issued certificate for the target domain is accepted, directs the victim's traffic for that domain to an attacker host, and relays the real server's challenge so the user signs it for what the browser believes is the legitimate origin. Results show these attacks demand substantial effort and resources, confirming that the phishing-resistance properties largely hold.

What carries the argument

The FIDO2 challenge-response protocol: the authenticator scopes each key to a relying-party identifier and the browser writes the origin it actually observes into the signed client data, so the server only accepts a signature produced for its own domain. An attacker who controls neither the authenticator nor the victim's local environment (trust store, name resolution) cannot obtain such a signature from a look-alike phishing page, and a captured signature cannot be replayed against a fresh challenge.

If this is right

  • Passkeys raise the practical bar for phishing attacks compared with passwords.
  • Attackers must invest in device compromise or local system modification to succeed.
  • Services can rely on FIDO2 for stronger credential protection in most phishing scenarios.
  • The phishing-resistant claim for passkeys holds under the evaluated attack models.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the authors make directly.

  • Other untested attack vectors could exist that require less effort than the two examined here.
  • Widespread passkey use might push attackers toward device-level compromises instead of web phishing.
  • Adding cost metrics and success rates for each attack would allow clearer comparisons with password attacks.
  • Passkeys combined with hardware-bound authenticators could further increase the required attacker resources.

Load-bearing premise

The two implemented attacks represent the main practical threats, and the resources they require exceed those of typical attackers without needing quantitative cost or success-rate data.

What would settle it

A documented attack that obtains a valid passkey signature for a legitimate site using only a standard phishing page and no device infection or certificate-store changes would falsify the claim.

Figures

Figures reproduced from arXiv: 2604.20826 by Alexander Berladskyy, Andreas Aßmuth.

Figure 1: WebAuthn authentication workflow using a browser as client, cf. [6].

Figure 2: Authenticator Deception Flow. (The extracted caption runs into the paper's Section VI, Results and Discussion: "Both experiments succeeded as described; however, several important nuances were observed. For the authenticator deception attack, it was important that the DNS cache on the victim's machine was flushed. If stale DNS entries were present, the victim's browser would continue to resolve the domain to the legitimate RP, bypassing the attacker-controlled …")
Original abstract

Phishing attacks remain one of the most prevalent threats to online security, with the Anti-Phishing Working Group reporting over 890,000 attacks in Q3 2025 alone. Traditional password-based authentication is particularly vulnerable to such attacks, prompting the development of more secure alternatives. This paper examines passkeys, also known as FIDO2, which claim to provide phishing-resistant authentication through asymmetric cryptography. In this approach, a private key is stored on a user's device, the authenticator, while the server stores the corresponding public key. During authentication, the server generates a challenge that the user signs with the private key; the server then verifies the signature and establishes a session. We present passkey workflows and review state-of-the-art attack vectors from related work alongside newly identified approaches. Two attacks are implemented and evaluated: the Infected Authenticator attack, which generates attacker-known keys on a corrupted authenticator, and the Authenticator Deception attack, which spoofs a target website by modifying the browser's certificate authority store, installing a valid certificate, and intercepting user traffic. An attacker relays a legitimate challenge from the real server to a user, who signs it, allowing the attacker to authenticate as the victim. Our results demonstrate that successful attacks on passkeys require substantial effort and resources. The claim that passkeys are phishing-resistant largely holds true, significantly raising the bar compared to traditional password-based authentication.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

1 major / 2 minor

Summary. The paper analyzes attack vectors against FIDO2/passkey authentication. It reviews existing approaches from related work, presents passkey workflows based on asymmetric cryptography, and implements/evaluates two attacks: the Infected Authenticator attack (generating attacker-known keys on a corrupted device) and the Authenticator Deception attack (modifying browser CA store, installing a valid certificate, and relaying server challenges to the user). The central conclusion is that successful attacks require substantial effort and resources, supporting the claim that passkeys are largely phishing-resistant and raise the bar relative to password-based authentication.

Significance. If the attack implementations are accompanied by concrete resource measurements, this work would offer practical value in assessing FIDO2 security by providing specific, reproducible attack examples grounded in external cryptographic assumptions. The paper's strength lies in its focus on implementation-level vectors rather than new theoretical breaks, which helps clarify the gap between cryptographic design and real-world deployment.

major comments (1)
  1. [Abstract / Evaluation] Abstract and evaluation description: The claim that 'successful attacks on passkeys require substantial effort and resources' and that passkeys 'significantly rais[e] the bar' is load-bearing for the paper's main contribution, yet the text provides no quantitative metrics (attack duration, success probability, hardware/software prerequisites, or direct comparison to automated password-phishing campaigns). Without these, it is not possible to verify that the two implemented attacks are representative or measurably harder than credential phishing.
minor comments (2)
  1. [Abstract] The date reference to 'Q3 2025' for Anti-Phishing Working Group statistics should be verified for accuracy or updated if it is a projection rather than observed data.
  2. [Passkey Workflows] Clarify in the workflow section how the Authenticator Deception attack's traffic interception step interacts with existing TLS protections and whether it requires the attacker to control the user's network.

Simulated Author's Rebuttal

1 response · 0 unresolved

We thank the referee for the constructive feedback, which identifies a key opportunity to strengthen the presentation of our evaluation results on FIDO2 attack vectors.

Point-by-point responses
  1. Referee: Abstract and evaluation description: The claim that 'successful attacks on passkeys require substantial effort and resources' and that passkeys 'significantly rais[e] the bar' is load-bearing for the paper's main contribution, yet the text provides no quantitative metrics (attack duration, success probability, hardware/software prerequisites, or direct comparison to automated password-phishing campaigns). Without these, it is not possible to verify that the two implemented attacks are representative or measurably harder than credential phishing.

    Authors: We agree that explicit quantitative metrics would improve verifiability of the central claims. The current manuscript describes the attack implementations and qualitatively assesses their complexity relative to traditional phishing, but does not report specific measurements. In the revised version we will expand the abstract and evaluation sections to include concrete data drawn from our experiments: attack phase durations, observed success rates under controlled conditions, and explicit hardware/software prerequisites (e.g., device compromise for the Infected Authenticator attack and root-certificate installation for the Authenticator Deception attack). We will also add a discussion that references published statistics on password-phishing campaign success rates and explains why the FIDO2 attacks require additional targeted resources and steps that are not present in automated phishing kits. These changes will directly address the concern while remaining faithful to the scope of our work.

    revision: yes

Circularity Check

0 steps flagged

No significant circularity; analysis rests on external attack implementations

full rationale

This is an empirical security analysis paper with no mathematical derivations, equations, fitted parameters, or self-referential logic. The central claim (attacks require substantial effort) is supported by descriptions of two implemented attacks and review of related work, without reducing to its own inputs by construction. Self-citations, if present, are not load-bearing for any derivation. The paper is self-contained against external benchmarks and cryptographic assumptions, warranting a low score.

Axiom & Free-Parameter Ledger

0 free parameters · 2 axioms · 0 invented entities

This is an empirical security analysis that does not introduce mathematical models, free parameters, or new entities. It rests on standard cryptographic assumptions and the practical feasibility of the described attacks.

axioms (2)
  • standard math: Asymmetric cryptography enables secure challenge-response authentication without exposing private keys.
    The core FIDO2 mechanism described in the abstract relies on this property for phishing resistance.
  • domain assumption: Authenticators and browsers can be compromised or deceived through malware or certificate store modification.
    The two implemented attacks presuppose these compromise vectors are achievable in practice.

pith-pipeline@v0.9.0 · 5549 in / 1545 out tokens · 52246 ms · 2026-05-10T00:07:58.813818+00:00


Reference graph

Works this paper leans on

18 extracted references · 18 canonical work pages

  1. [1] APWG, Phishing activity trends report, APWG Report Q3 2025, Activity: July-September 2025, Published: 9 December 2025, Dec. 2025.
  2. [2] C. Brand et al., 'Client to authenticator protocol (CTAP)', Jan.
  3. [3] [Online]. Available: https://fidoalliance.org/specs/fido-v2.0-ps-20190130/fido-client-to-authenticator-protocol-v2.0-ps-20190130.html
  4. [4] N. Bindel, C. Cremers and M. Zhao, FIDO2, CTAP 2.1, and WebAuthn 2: Provable security and post-quantum instantiation, Cryptology ePrint Archive, Paper 2022/1029, 2022. [Online]. Available: https://eprint.iacr.org/2022/1029
  5. [5] Yubico, Yubico: Security keys and authentication solutions, https://www.yubico.com/, Accessed: 2026-03-14, 2026.
  6. [6] FIDO Alliance, FIDO specifications, https://fidoalliance.org/specifications/, Accessed: 2026-03-14, 2026.
  7. [7] J. Hodges et al., 'Web authentication: An API for accessing public key credentials level 2', Apr. 2021. [Online]. Available: https://www.w3.org/TR/webauthn-2/
  8. [8] Mozilla Developer Network, Web Authentication API (WebAuthn), https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API, Accessed: 2026-03-14, 2026.
  9. [9] P. R. Babu, D. L. Bhaskari and C. Satyanarayana, 'A comprehensive analysis of spoofing', International Journal of Advanced Computer Science and Applications, vol. 1, no. 6, 2010.
  10. [10] H. Li, X. Pan, X. Wang, H. Feng and C. Shi, 'Authenticator rebinding attack of the UAF protocol on mobile devices', Wirel. Commun. Mob. Comput., vol. 2020, pp. 1-14, Sep. 2020.
  11. [11] M. Barbosa, A. Cirne and L. Esquível, 'Rogue key and impersonation attacks on FIDO2: From theory to practice', in Proceedings of the 18th International Conference on Availability, Reliability and Security, ser. ARES '23, Benevento, Italy: Association for Computing Machinery, 2023, ISBN: 9798400707728. DOI: 10.1145/3600160.3600174. [Online]. Available: https:/...
  12. [12] T. K. Yadav and K. Seamons, A security and usability analysis of local attacks against FIDO2, 2023. arXiv: 2308.02973 [cs.CR]. [Online]. Available: https://arxiv.org/abs/2308.02973
  13. [13] A. T. Mahdad, M. Jubur and N. Saxena, 'Breaching security keys without root: FIDO2 deception attacks via overlays exploiting limited display authenticators', in Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, ser. CCS '24, Salt Lake City, UT, USA: Association for Computing Machinery, 2024, pp. 1686-1700, ISBN: 9798...
  14. [14] D. Kim, J. Shin, G. Ryu and D. Choi, 'HiPass: Hijacking CTAP in passkey authentication', IEEE Access, vol. 13, pp. 92086-92101, 2025. DOI: 10.1109/ACCESS.2025.3570377.
  15. [15] KeePassXC Team, KeePassXC: Cross-platform password manager, https://keepassxc.org/, Accessed: 2026-03-14, 2026.
  16. [16] Passkeys.io, Who supports passkeys, https://www.passkeys.io/who-supports-passkeys, Accessed: 2026-03-14, 2026.
  17. [17] P. Szor, The Art of Computer Virus Research and Defense. Addison-Wesley Professional, 2005, ISBN: 0321304543.
  18. [18] Bitwarden, Bitwarden password manager, https://bitwarden.com, Accessed: 2026-03-14, 2026.