|
|
|
|
|
|
by johncolanduoni
1956 days ago
|
|
|
For U2F I don't believe that's the case for most devices. Yubikey outlines their method here[1]. They generate a different keypair for each website public key and have the server store an encrypted and authenticated copy of the private key using a single on-device key. So baring breaking the underlying primitives the server will only have a site-specific public key and a site-specific encrypted blob. [1]: https://developers.yubico.com/U2F/Protocol_details/Key_gener... |
|
|