Slide 1

Slide 1 text

FIDO2 WTF @vixentael

Slide 2

Slide 2 text

Anastasiia Voitova, @vixentael Head of customer solutions, Security software engineer @ Cossack Labs. cossacklabs.com Building & breaking software in critical infra, payment processors, ML/AI, IoT and robotic devices, communication systems — where data security is a hard requirement.

Slide 3

Slide 3 text

@vixentael What we will talk about 1. AuthN, MFA. 2. FIDO, FIDO2, WebAuthN. 3. WebAuthN: register, login. 4. Tokens: hardware token, phone as token. 5. Why so fragile? 6. The options!

Slide 4

Slide 4 text

Authentication, 1FA, MFA

Slide 5

Slide 5 text

@vixentael ID, authN, authZ. Identification — establish identity. User is X. Authentication — verify the user is who they claim to be. Establish trust in the user. Confirm that user is X. Authorization – whether user X is allowed to have access / perform function Y.

Slide 6

Slide 6 text

@vixentael MFA
 1. Thing I know: password, passphrase, pin code, sec question.
 2. Thing I have: hw token, OTP, TOTP, phone, phone number, email, smart card.
 3. Thing I am: face, fingers, voice, iris.
 NIST SP 800-63B: Digital Identity Guidelines

Slide 7

Slide 7 text

@vixentael MFA: 1+2 | 1+3 | 2+3
 1. Thing I know: password, passphrase, pin code, sec question.
 2. Thing I have: hw token, OTP, TOTP, phone, phone number, email, smart card.
 3. Thing I am: face, fingers, voice, iris.
 NIST SP 800-63B: Digital Identity Guidelines

Slide 8

Slide 8 text

FIDO, FIDO2, WebAuthN

Slide 9

Slide 9 text

@vixentael FIDO and FIDO2 FIDO U2F – FIDO Universal Second Factor. Physical key, 2FA. FIDO UAF – FIDO Universal Authentication Framework. Passwordless. CTAP – Client to Authenticator Protocols. WebAuthN – web API protocol. www.w3.org/TR/webauthn-1/

Slide 10

Slide 10 text

@vixentael FIDO and FIDO2 FIDO U2F – FIDO Universal Second Factor. Physical key, 2FA. FIDO UAF – FIDO Universal Authentication Framework. Passwordless. CTAP – Client to Authenticator Protocols. WebAuthN – web API protocol. FIDO2, 1-2FA }

Slide 11

Slide 11 text

@vixentael FIDO and FIDO2 FIDO U2F – FIDO Universal Second Factor. Physical key, 2FA. FIDO UAF – FIDO Universal Authentication Framework. Passwordless. CTAP – Client to Authenticator Protocols. WebAuthN – web API protocol. CTAP1, CTAP2 FIDO2, 1-2FA }

Slide 12

Slide 12 text

@vixentael FIDO U2F FIDO U2F – FIDO Universal Second Factor, 2FA. Works together with password. Device computes crypto keys, doesn’t store anything. U2F – “user presence” (something we have) — just tap a button on a hw token.

Slide 13

Slide 13 text

@vixentael FIDO2. FIDO UAF + WebAuthN. Passwordless. Works instead of password. Device stores a unique crypto keypair per account, per website. Requires “user verification” – tap the button + enter pin code on the HW token. nitrokey.com/blog/2022/fido2-webauthn-passkeys-2022-and-2023

Slide 14

Slide 14 text

@vixentael OWASP ASVS github.com/OWASP/ASVS/blob/master/5.0/en/0x11-V2-Authentication.md Applications should strongly encourage users to enroll in MFA, and should allow users to re-use tokens they already possess, such as FIDO or U2F tokens.

Slide 15

Slide 15 text

WebAuthN operations

Slide 16

Slide 16 text

@vixentael Register user https://webauthn.guide/ Client: let’s register. Server: here is random string. Client: generate keypair, store securely, send to server {username, public key, random string}. Server: receive, create user and store username and public key.

Slide 17

Slide 17 text

@vixentael Login user Client: let’s login. Server: here is random string. Client: sign string, send to server {username, signed string}. Server: receive, verify signature with public key, login user.

Slide 18

Slide 18 text

@vixentael Cryptography. Elliptic curves: ECDSA, EdDSA. RSA: RSASSA-PSS, RSASSA-PKCS1.
 Private key, secp256r1: MHcCAQEEILOkJDyU6QgsNh6VLmU6wBkAZmUVf44nQz+ZsXJ/PeohoAoGCCqGSM49 AwEHoUQDQgAEwzECZSx1Z8bNCp61Jms3q/HtOW4ESkE8RmRnQYmJdO/aVWceJ8R5 5LS67Dv7rhWOK0NY0VE+nVY3MqIXBEzFnw==
 Public key, secp256r1: MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEwzECZSx1Z8bNCp61Jms3q/HtOW4E SkE8RmRnQYmJdO/aVWceJ8R55LS67Dv7rhWOK0NY0VE+nVY3MqIXBEzFnw==

Slide 19

Slide 19 text

@vixentael Pros & cons of FIDO2
 • Stronger than passwords.
 • No need to remember password.
 • No phishing.
 • Backend doesn’t store secrets. Can’t steal passwords.
 • Passwordless is easy for users.
 • Interoperability between devices.

Slide 20

Slide 20 text

@vixentael Pros & cons of FIDO2
 • Stronger than passwords.
 • No need to remember password.
 • No phishing.
 • Backend doesn’t store secrets. Can’t steal passwords.
 • Passwordless is easy for users.
 • Interoperability between devices.
 • Requires device.
 • Usability challenges, learning curve.
 • Limited adoption.
 • Lose device — lose access*
 • Hard to backup and recover*
 * — Apple and Google provide own recovery mechanisms linked to AppleID / Google account.

Slide 21

Slide 21 text

@vixentael

Slide 22

Slide 22 text

@vixentael MFA: 1+2 | 1+3 | 2+3
 1. Thing I know: password, passphrase, pin code, sec question.
 2. Thing I have: hw token, OTP, TOTP, phone, phone number, email, smart card.
 3. Thing I am: face, fingers, voice, iris.

Slide 23

Slide 23 text

@vixentael Using FIDO2 as MFA
 1. Thing I know: password, passphrase, pin code.
 2. Thing I have: hw token, phone.
 3. Thing I am: face, fingers.
 1 + 2; 1 + 3; 2 + 3

Slide 24

Slide 24 text

Types of tokens

Slide 25

Slide 25 text

@vixentael Hardware token (“security key”). A small portable specialized HSM.
 - createKeypair(entityID)
 - exportPublickey(entityID)
 - signData(data)
 Protects keypairs per account.
 Not a flash drive!
 Can’t export private keys.
 Supports USB, USB-C, BLE, NFC…
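The register and login exchanges from the WebAuthN slides, with the token side exposing the same three operations as the hardware token above (create keypair, export public key, sign data), as an added Go example that is not code from the talk. It uses ECDSA over P-256 (secp256r1) from the Go standard library; the Authenticator and Server types, the per-relying-party (rpID) key binding and the single-use challenge store are my assumptions about how such a flow is wired, not the WebAuthN wire format.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
)

// Authenticator models a FIDO2 token: one P-256 keypair per relying party (rpID), never exported.
type Authenticator map[string]*ecdsa.PrivateKey
// Server keeps username -> public key plus one outstanding single-use challenge per user.
type Server struct{ users map[string]*ecdsa.PublicKey; challenges map[string][]byte }
func NewServer() *Server { return &Server{map[string]*ecdsa.PublicKey{}, map[string][]byte{}} }
func digest(b []byte) []byte { h := sha256.Sum256(b); return h[:] }
// Register (token side): generate a keypair for rpID; only the public key leaves the token.
func (a Authenticator) Register(rpID string) (*ecdsa.PublicKey, error) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	a[rpID] = k
	return &k.PublicKey, nil
}
// Sign (token side): sign the challenge with the key bound to rpID. A look-alike rpID has no
// key and gets nil, which is the "no phishing" property from the pros slide.
func (a Authenticator) Sign(rpID string, challenge []byte) []byte {
	if k := a[rpID]; k != nil {
		sig, _ := ecdsa.SignASN1(rand.Reader, k, digest(challenge)) // errors only on a broken RNG
		return sig
	}
	return nil
}
// Challenge (server side): a fresh 32-byte random string, kept until Login consumes it.
func (s *Server) Challenge(user string) []byte {
	c := make([]byte, 32)
	rand.Read(c)
	s.challenges[user] = c
	return c
}
// Register (server side): store username and public key; no secret ever reaches the server.
func (s *Server) Register(user string, pub *ecdsa.PublicKey) { s.users[user] = pub }
// Login (server side): verify the signature over the outstanding challenge and consume it.
func (s *Server) Login(user string, sig []byte) bool {
	pub, c := s.users[user], s.challenges[user]
	delete(s.challenges, user) // single use: a captured signature cannot be replayed
	return pub != nil && c != nil && ecdsa.VerifyASN1(pub, digest(c), sig)
}
```

A real deployment also binds the origin and a user-presence flag into the signed data; this sketch shows only the challenge-response core the slides describe.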

Slide 26

Slide 26 text

@vixentael Hardware token External hardware token.

Slide 27

Slide 27 text

@vixentael Hardware token on MacBook

Slide 28

Slide 28 text

@vixentael Hardware token on iPhone

Slide 29

Slide 29 text

@vixentael Passkeys (phone as token). iPhone, Android phone or laptop as hardware token. Generates keypairs. Stores them in secure storage. Looks easier than a password.

Slide 30

Slide 30 text

@vixentael Passkeys (laptop as token). My Mac as passkey.

Slide 31

Slide 31 text

@vixentael Passkeys (laptop as token)

Slide 32

Slide 32 text

@vixentael Passkeys (phone as token)

Slide 33

Slide 33 text

Why so fragile?

Slide 34

Slide 34 text

@vixentael Why so fragile?
 Operating system: iOS 14+, Android 10+. macOS, Linux, Windows.
 Passkeys: cryptographic co-processors, phones, laptops.
 Browser support: Chrome, Safari, Firefox, others.
 API: application API, platform support.
 Security tokens: HW tokens: USB, USB-C, BLE, NFC.

Slide 35

Slide 35 text

@vixentael Why so fragile?
 Operating system: iOS 14+, Android 10+. macOS, Linux, Windows.
 Passkeys: cryptographic co-processors, phones, laptops.
 Browser support: Chrome, Safari, Firefox, others.
 API: application API, platform support.
 Security tokens: HW tokens: USB, USB-C, BLE, NFC.
 token → token → server

Slide 36

Slide 36 text

@vixentael System support (2020 pic) fidoalliance.org/expanded-support-for-fido-authentication-in-ios-and-macos/

Slide 37

Slide 37 text

@vixentael Azure Active Directory learn.microsoft.com/en-us/azure/active-directory/authentication/fido2-compatibility

Slide 38

Slide 38 text

@vixentael Yubico support (YubiKeys) support.yubico.com/hc/en-us/articles/360016615020-Operating-system-and-web-browser-support-for-FIDO2-and-U2F

Slide 39

Slide 39 text

Authentication? Easy!

Slide 40

Slide 40 text

@vixentael