
I just learned about FIDO2 (WebAuthn) and am trying to compare it to the lesser-known, novel SQRL authentication scheme.

Both seem to use the same key elements:

  • a private, user-resident "master key", thus not relying on a third party as OAuth does
  • a specific piece of soft- or hardware managing the identity
  • a specific protocol to establish/claim an identity to a web server/service
  • an intermediate public key, derived from the master key
  • the intermediate public key is unique to a domain name, thus providing privacy against other servers/services on other domains
  • a changing challenge/nonce for each authentication attempt, to mitigate against replay attacks.

So, with this, is there a significant difference I did not spot yet?

Note: This is not about usability or specific implementations (clients or server components), but about the architecture.


Resources for FIDO2

Resources for SQRL


1 Answer


The biggest difference between the two seems to be how identities for websites are created:

  • SQRL derives identities for all websites from the master key
  • FIDO creates and stores a random identity for each website

This means that SQRL tightly binds a user identity to a website. See SQRL's Identity Lock Protocol. However, the concept of alternate identities is provided.

Also, the transcript of Security Now Episode #875 contains some comparative sections. Disclaimer: SQRL was created by Steve Gibson, who is also the host of the Security Now podcast.

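The elements listed in the question (per-domain public keys, a fresh challenge per attempt) and the difference the answer points at (derived versus randomly generated per-site keys) can be shown side by side in a few dozen lines. The following is an added example, not code from either project: the SQRL-style client derives each site's Ed25519 seed as HMAC-SHA256 over the domain keyed with the master key, which is the per-site derivation SQRL specifies, while the FIDO-style authenticator generates an unrelated random key for every registration and has to keep it. The relying-party side (the `Server` type, the `domain|nonce` message layout and the one-shot nonce bookkeeping) is my own minimal construction and assumes nothing beyond what the question describes; the real protocols add attestation, counters, the Identity Lock and so on, which are left out here. The master key bytes are a constructed sample.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Server is the relying-party side for a single domain (assumed minimal model).
type Server struct {
	Domain  string
	users   map[string]bool // registered public keys, hex-encoded
	pending map[string]bool // challenges issued but not yet consumed
}

func NewServer(domain string) *Server {
	return &Server{Domain: domain, users: map[string]bool{}, pending: map[string]bool{}}
}

// Register stores a user's public key for this domain (the user's identity at this site).
func (s *Server) Register(pub ed25519.PublicKey) { s.users[hex.EncodeToString(pub)] = true }

// Challenge issues a fresh random nonce that is valid for exactly one login attempt.
func (s *Server) Challenge() ([]byte, error) {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	s.pending[hex.EncodeToString(nonce)] = true
	return nonce, nil
}

// SignedMessage binds the challenge to the domain, so a response produced for one
// site is not valid at another even if a client reused a key across sites.
func SignedMessage(domain string, nonce []byte) []byte {
	return append([]byte(domain+"|"), nonce...)
}

// Verify accepts a login only for a registered key, a still-pending nonce and a
// valid signature; the nonce is consumed so a captured response cannot be replayed.
func (s *Server) Verify(pub ed25519.PublicKey, nonce, sig []byte) error {
	if !s.users[hex.EncodeToString(pub)] {
		return errors.New("unknown identity")
	}
	n := hex.EncodeToString(nonce)
	if !s.pending[n] {
		return errors.New("unknown or already used challenge")
	}
	delete(s.pending, n)
	if !ed25519.Verify(pub, SignedMessage(s.Domain, nonce), sig) {
		return errors.New("bad signature")
	}
	return nil
}

// SQRLClient holds one master key. The per-site key is HMAC-SHA256(master, domain)
// used as an Ed25519 seed, so nothing per site is stored and any device holding the
// master key recomputes the same identity for the same domain.
type SQRLClient struct{ Master []byte }

func (c SQRLClient) SiteKey(domain string) ed25519.PrivateKey {
	mac := hmac.New(sha256.New, c.Master)
	mac.Write([]byte(domain))
	return ed25519.NewKeyFromSeed(mac.Sum(nil)) // the 32-byte MAC is the seed
}

// FIDOAuthenticator creates an independent random key per registration; the key
// cannot be rederived, so the authenticator must keep it (or a wrapped copy).
type FIDOAuthenticator struct{ creds map[string][]ed25519.PrivateKey }

func NewFIDOAuthenticator() *FIDOAuthenticator {
	return &FIDOAuthenticator{creds: map[string][]ed25519.PrivateKey{}}
}

func (a *FIDOAuthenticator) Register(domain string) (ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	a.creds[domain] = append(a.creds[domain], priv)
	return pub, nil
}

// Authenticate runs one challenge/response round trip with the given site key.
func Authenticate(s *Server, priv ed25519.PrivateKey) error {
	nonce, err := s.Challenge()
	if err != nil {
		return err
	}
	sig := ed25519.Sign(priv, SignedMessage(s.Domain, nonce))
	return s.Verify(priv.Public().(ed25519.PublicKey), nonce, sig)
}

func main() {
	master := []byte("constructed demo master key, 32B") // constructed sample master key
	client := SQRLClient{Master: master}
	srv := NewServer("example.com")
	srv.Register(client.SiteKey("example.com").Public().(ed25519.PublicKey))
	fmt.Println("SQRL login:", Authenticate(srv, client.SiteKey("example.com")))
	// A second device with the same master key gets the same identity without any sync.
	fmt.Println("second device:", Authenticate(srv, SQRLClient{Master: master}.SiteKey("example.com")))
	fmt.Printf("example.org sees an unrelated key: %x...\n", client.SiteKey("example.org").Public().(ed25519.PublicKey)[:4])
	fido := NewFIDOAuthenticator()
	p1, _ := fido.Register("example.com")
	p2, _ := fido.Register("example.com")
	fmt.Println("two FIDO registrations share a key:", p1.Equal(p2))
}
```

The server code is identical for both clients: it only ever sees a public key and a signature over its own domain plus its own nonce, which is why the architectural difference lives entirely on the client side (rederivable identity versus stored credential) and why neither scheme lets example.org correlate a user with example.com.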