WebAuthn PRF Demo

Deterministic Pseudo-Random Numbers from your Passkey

How does this work? 🔑

This demo uses the `prf` extension in WebAuthn. It allows a website to ask your authenticator (like a YubiKey, Windows Hello, or a passkey on your phone) to generate a secret value.

The important property is that for the same passkey and the same input "salt", the authenticator will always produce the exact same pseudo-random number. This is useful for deriving encryption keys client-side without a server ever needing to know the secret.

Note: WebAuthn requires a secure context (HTTPS), though most browsers allow `localhost` for development.

Step 1: Register a Passkey

First, create a new passkey for this demo. This passkey will be linked to this website's domain and can be stored on your device or a security key.

Note: The credential ID is stored in your browser's localStorage for this demo only.

Step 2: Generate the Number

Now, provide a "salt" and use your registered passkey to generate the number. You will get the same result for the same salt every time!
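
The request behind Step 2, followed by the client-side key derivation mentioned above, as an added example that is not this demo's own source. The function names, the `demo-file-encryption` label and the locally generated challenge are assumptions; `credentialId` is taken to be the stored credential ID as a `Uint8Array`.

```javascript
// Added example; function names and the "demo-file-encryption" label are assumptions.

// Build the navigator.credentials.get() options that ask for a PRF evaluation.
function buildPrfRequest(credentialId, saltText, challenge) {
  return {
    publicKey: {
      challenge,
      allowCredentials: [{ type: "public-key", id: credentialId }],
      // Require UV on every call: CTAP hmac-secret keeps separate secrets
      // for verified and unverified use, so mixing them changes the output.
      userVerification: "required",
      extensions: { prf: { eval: { first: new TextEncoder().encode(saltText) } } },
    },
  };
}

// Pull the PRF output out of getClientExtensionResults(); fail closed if absent.
function readPrfResult(ext) {
  const first = ext && ext.prf && ext.prf.results && ext.prf.results.first;
  if (!first) throw new Error("No PRF output: authenticator or browser lacks prf support");
  return new Uint8Array(first);
}

// Turn the PRF output into a non-extractable AES-GCM key with HKDF-SHA-256.
async function deriveAesKey(prfBytes, label) {
  const ikm = await crypto.subtle.importKey("raw", prfBytes, "HKDF", false, ["deriveKey"]);
  return crypto.subtle.deriveKey(
    { name: "HKDF", hash: "SHA-256", salt: new Uint8Array(), info: new TextEncoder().encode(label) },
    ikm, { name: "AES-GCM", length: 256 }, false, ["encrypt", "decrypt"]);
}

// Browser-only entry point: one passkey prompt, returns a CryptoKey.
async function keyFromPasskey(credentialId, saltText) {
  // Assumption: no server verifies this assertion, so the challenge is made locally.
  const challenge = crypto.getRandomValues(new Uint8Array(32));
  const cred = await navigator.credentials.get(buildPrfRequest(credentialId, saltText, challenge));
  const prfBytes = readPrfResult(cred.getClientExtensionResults());
  try {
    return await deriveAesKey(prfBytes, "demo-file-encryption");
  } finally {
    prfBytes.fill(0); // best effort: do not leave the raw secret in a live buffer
  }
}
```

Changing either the salt or the HKDF label yields an unrelated key, which lets one passkey back several independent keys.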