Concepts
Decentralized Identifiers
AuthNull supports Decentralized Identifiers (DID) as well as Verified Credentials, commonly referred to as Passwordless Credentials throughout this documentation and on our website.
AuthNull enables passwordless access to server infrastructure. AuthNull replaces passwords and SSH keys with Decentralized Identifiers (DID) and Verified Credentials.
Two roots of Trust
Additionally, AuthNull uses two roots of trust instead of a single one, which provides significantly better security than other similar solutions. Both the organization and the user have their own identities, and both must sign every authentication request before access to a given server infrastructure is granted.
Decentralized authentication
Decentralized authentication is facilitated by the user’s devices, which store the credentials, as opposed to a centralized vault. All authentication requires two roots of trust.
Vaultless Credential Storage
AuthNull removes the need for a centralized vault, a major attack vector, by using an authenticator app / wallet.
Authenticator App / Wallet
The authenticator app / wallet is a decentralized app owned by individual users, who save their own credentials, including passwordless and password-based (SSH keys and passwords) credentials. However, all credentials are wrapped as a credential and are mostly looked up automatically, except in situations or use cases where that is not possible.
The wallet acts as decentralized storage and uses public key cryptography to sign credentials with users’ private keys.
Public Key Cryptography
Public key cryptography is used extensively, with FIPS-compliant Ed25519 as the signature method; private keys are created for both the organization and the user.
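The two-roots-of-trust rule and the Ed25519 signing described above can be sketched as a verifier that rejects any request not signed by both keys. This is an added example, not AuthNull's code: the `AuthRequest` shape, the function names, and the sample payload are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// AuthRequest is a hypothetical shape for illustration, not AuthNull's format.
type AuthRequest struct {
	Payload []byte // bytes both parties sign
	OrgSig  []byte // signature from the organization's key
	UserSig []byte // signature from the user's wallet key
}

var (
	ErrOrgSig  = errors.New("organization signature missing or invalid")
	ErrUserSig = errors.New("user signature missing or invalid")
)

// VerifyDual accepts a request only if both roots of trust signed the same payload.
func VerifyDual(req AuthRequest, orgPub, userPub ed25519.PublicKey) error {
	if !ed25519.Verify(orgPub, req.Payload, req.OrgSig) {
		return ErrOrgSig
	}
	if !ed25519.Verify(userPub, req.Payload, req.UserSig) {
		return ErrUserSig
	}
	return nil
}

// Demo runs three constructed requests and returns each verification result.
func Demo() (valid, orgOnly, userOnly error) {
	orgPub, orgPriv, _ := ed25519.GenerateKey(rand.Reader)
	userPub, userPriv, _ := ed25519.GenerateKey(rand.Reader)
	payload := []byte("user=alice;host=db01.example.internal;nonce=7f3a9c") // constructed
	orgSig, userSig := ed25519.Sign(orgPriv, payload), ed25519.Sign(userPriv, payload)

	valid = VerifyDual(AuthRequest{payload, orgSig, userSig}, orgPub, userPub)
	// Organization signed, but the user's wallet never did.
	orgOnly = VerifyDual(AuthRequest{payload, orgSig, nil}, orgPub, userPub)
	// The user's key alone fills both slots; it cannot stand in for the organization.
	userOnly = VerifyDual(AuthRequest{payload, userSig, userSig}, orgPub, userPub)
	return valid, orgOnly, userOnly
}

func main() {
	fmt.Println(Demo())
}
```

A real deployment would also bind a nonce or timestamp into the signed payload and check it for freshness so that a captured, fully signed request cannot be replayed.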