WebAuthn PRF Extension Enables Passwordless End-to-End Encryption in Browser
A developer has built an end-to-end encrypted notes app called pknotes that uses the little-known PRF extension in the WebAuthn specification to derive encryption keys directly from passkey authentication. During a standard passkey login, the browser receives a deterministic 32-byte output from the authenticator that never reaches the server, which is then used via HKDF-SHA256 to derive a key-encryption key in browser memory. This key-encryption key unwraps a randomly generated AES-256 master key, which in turn encrypts the user's notes — meaning the passkey unlocks data in a cryptographic sense, not just an identity sense. The architecture supports multiple devices by having each passkey wrap its own copy of the master key, so adding a new device requires only one additional wrap operation rather than re-encrypting all data. A one-time 160-bit recovery code is issued at signup as a fallback, and full device revocation triggers a fresh master key generation and complete re-encryption of all stored notes.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)
Log in to join the discussion and vote.
Log in