EAP-FIDO: A novel EAP method for using FIDO2 credentials for network authentication

Rivera-Dourado, MartiñoXenakis, ChristosPazos, A.Vázquez-Naya, José2025-05-272025-05-272025-05-10M. Rivera-Dourado, C. Xenakis, A. Pazos, y J. Vázquez-Naya, «EAP-FIDO: A novel EAP method for using FIDO2 credentials for network authentication», Computer Networks, vol. 266, p. 111348, jul. 2025, doi: 10.1016/j.comnet.2025.1113481872-70691389-1286http://hdl.handle.net/2183/42084[Abstract]: The adoption of FIDO2 authentication by major tech companies in web applications has grown significantly in recent years. However, we argue FIDO2 has broader potential applications. In this paper, we introduce EAP-FIDO, a novel Extensible Authentication Protocol (EAP) method for use in IEEE 802.1X-protected networks. This allows organisations with WPA2/3-Enterprise wireless networks or MACSec-enabled wired networks to leverage FIDO2’s passwordless authentication in compliance with existing standards. Additionally, we provide a comprehensive security and performance analysis to support the feasibility of this approachengAtribución-NoComercial-SinDerivadas 3.0 España© 2025 The Authors. Published by Elsevier B.V.http://creativecommons.org/licenses/by-nc-nd/3.0/es/Network authenticationExtensible authentication protocol802.1XWPA2-enterpriseWirelessMACSecFIDO2Security keyPasskeyEAP-FIDO: A novel EAP method for using FIDO2 credentials for network authenticationjournal articleopen access