Usage and Working Process of U2F Key



KootKey is based on the U2F protocol designed by the FIDO Alliance. It supports all online web services that have implemented the U2F protocol on their servers as second-factor authentication for user login.

Implementing the U2F protocol makes login a two-step process.

In the first step the user logs in with a username and password as before.

After verifying the username and password, the service prompts the user to present a second-factor device and press its button for authentication.

Once the user authenticates by pressing the button on the U2F key, the service logs the user in.

KootKey has a built-in touch sensor, so whenever the online service prompts you to press the button on the U2F device, just touch the KootKey on the area marked for the touch sensor.

Usage


Using a KootKey is simple. You just plug it into your computer when prompted and touch the area marked for the touch sensor on the top of the KootKey.

Before the KootKey can be used for U2F authentication, it must first be registered with the online service that has implemented the U2F protocol in its service infrastructure.

Registration


Registration of a U2F key is a one-time process for each online web service. Before starting the registration process, just plug the U2F key into one of the USB ports of your computer or laptop.

Each online web service that has implemented the U2F protocol for user authentication has an option for registering a U2F key.



When you click on the U2F key registration option of the online web service, the browser prompts you to press the button on the U2F key to confirm user presence.



Upon pressing the button on the U2F key to authenticate the presence of the user, the U2F key generates the response and sends it to the browser. The browser then sends the response generated by the U2F key to the web server.

After receiving the response from the browser, the server verifies it and stores the keyHandle, AppID, PublicKey and the Attestation Certificate in the database, and the registration process is completed.

Authentication


Once the registration of the U2F key with the online service is complete, you can use the U2F key for authentication to log into your account.

Before logging into your account, just plug the U2F key into one of the USB ports of your computer or laptop.

The first step, or first factor, for logging into your account is the same as usual: you enter the username and password and click the login or sign-in button.



When you click the login or sign-in button, the server verifies the username and password. After verifying them, the server creates a challenge, retrieves the keyHandle associated with the username, and generates the U2F authentication request from the created challenge, the retrieved keyHandle and the AppID.

The U2F authentication request is then sent to the browser. A JavaScript function on the browser side accepts the authentication request and sends it to the U2F device. At the same time, the browser prompts the user to press the button on the U2F key.



Upon pressing the button on the U2F key to authenticate the presence of the user, the U2F key generates the response and sends it to the browser. The browser then sends the response generated by the U2F key to the web server.



After receiving the response from the browser, the server verifies the signed response with the public key stored in the database, and after verification updates the counter in the database, and the authentication process is completed.
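
The server-side checks in the authentication steps above, as an added Node.js example that is not KootKey's or any service's own code. The key pair, the database record, the `simulateKey` stand-in for the browser and device, and the assumption that the AppID equals the web origin are all constructed for illustration.

```javascript
const crypto = require('node:crypto');
const sha256 = (data) => crypto.createHash('sha256').update(data).digest();

// Server: after the password check, issue a fresh challenge for the stored keyHandle.
function makeAuthRequest(record) {
  return { appId: record.appId, keyHandle: record.keyHandle,
           challenge: crypto.randomBytes(32).toString('base64url') };
}

// Constructed stand-in for the browser plus a touched U2F key (not a real device).
function simulateKey(privateKey, counter, request, origin) {
  const clientData = JSON.stringify(
    { typ: 'navigator.id.getAssertion', challenge: request.challenge, origin });
  const head = Buffer.alloc(5);
  head.writeUInt8(0x01, 0);        // user-presence byte: the button was touched
  head.writeUInt32BE(counter, 1);  // 4-byte big-endian signature counter
  const signed = Buffer.concat([sha256(request.appId), head, sha256(clientData)]);
  return { clientData,
           signatureData: Buffer.concat([head, crypto.sign('sha256', signed, privateKey)]) };
}

// Server: verify the signed response, then update the stored counter.
function verifyAuthResponse(record, request, response) {
  const fail = (reason) => ({ ok: false, reason });
  let client;
  try { client = JSON.parse(response.clientData); } catch { return fail('bad clientData'); }
  if (client.typ !== 'navigator.id.getAssertion') return fail('wrong typ');
  if (client.challenge !== request.challenge) return fail('challenge mismatch');
  if (client.origin !== record.appId) return fail('origin mismatch'); // assumes AppID == origin
  const sd = response.signatureData;
  if (sd.length < 6) return fail('truncated response');
  if ((sd[0] & 0x01) === 0) return fail('user not present');
  const signed = Buffer.concat(
    [sha256(record.appId), sd.subarray(0, 5), sha256(response.clientData)]);
  if (!crypto.verify('sha256', signed, record.publicKey, sd.subarray(5)))
    return fail('bad signature');
  const counter = sd.readUInt32BE(1);
  if (counter <= record.counter) return fail('counter did not increase');
  record.counter = counter;  // the "updates the counter in the database" step
  return { ok: true, counter };
}

// Demo with a constructed key pair and database record.
const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
const record = { appId: 'https://example.test', keyHandle: 'constructed-handle', publicKey, counter: 41 };
const request = makeAuthRequest(record);
const response = simulateKey(privateKey, 42, request, 'https://example.test');
console.log(verifyAuthResponse(record, request, response)); // accepted, counter stored
console.log(verifyAuthResponse(record, request, response)); // same response replayed: rejected
```

Rejecting a counter that has not increased is what makes the stored counter useful: a replayed response or a cloned key that falls behind the real one fails at that check even though its signature is valid.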