CIS14: An Overview of FIDO's Universal Factor (UAF) Specifications
FIDO UAF Overview
Cloud Authentication
Password Issues
1. Password might be entered into untrusted App / Web-site ("phishing")
2. Password could be stolen from the server
3. Too many passwords to remember → re-use / cart abandonment
4. Inconvenient to type password on phone
OTP Issues
1. OTP vulnerable to real-time MITM and MITB attacks
2. SMS security questionable, especially when Device is the phone
3. OTP HW tokens are expensive and people don't want another device
4. Inconvenient to type OTP on phone
Authentication silos: COMPLEXITY, REDUNDANCY, COSTS
(diagram: Applications (App 1, App 2, New App ?) at RP 1 vs. Authentication Methods)
How does FIDO UAF work?
(diagram: Device … SE)
FIDO UAF can recognize the user (i.e. user verification), but doesn't have an identity proof of the user.
Same Authenticator as registered before? Same User as enrolled before?
Identity binding to be done outside FIDO: This is "John Doe with customer ID X".
How does FIDO UAF work?
• Generate key pair in Authenticator and give public key to server
• Verify user before signing authentication response
• Provide cryptographic proof of authenticator model
• Use Metadata to understand Authenticator model security characteristic
• Define policy of acceptable Authenticators
• Use site-specific keys in order to protect privacy
• Knows user IDs for registered web sites
(diagram: Device with App and FIDO Authenticator; Relying Party with Web App and FIDO Server)
UAF Registration
Parties: App and FIDO Authenticator (Device); Web App and FIDO Server (Relying Party)
0. Prepare
1. Legacy Auth + Initiate Reg.
2. Reg. Request + Policy (screen: [email protected] Pat Johnson, "Link your fingerprint")
3. Verify User & Generate New Key Pair (specific to RP Webapp)
4. Reg. Response, carrying the Key Registration Data: • Hash(FinalChallenge) • AAID • Public key • KeyID • Registration Counter • Signature Counter • Signature (attestation key), where FinalChallenge = Hash(AppID | FacetID | tlsData | challenge)
5. Success
FIDO Building Blocks
FIDO USER DEVICE: BROWSER / APP, FIDO CLIENT, ASM, FIDO AUTHENTICATOR (Attestation key, Authentication keys)
RELYING PARTY: WEB SERVER (TLS Server Key), FIDO SERVER (Cryptographic authentication key reference DB; Authenticator Metadata & attestation trust store)
Metadata Service: Update to the FIDO Server
The UAF Protocol runs between the FIDO User Device and the Relying Party.
AAID & Attestation
AAID: Authenticator Attestation ID (= model name)
• FIDO Authenticator using HW based crypto, based on FP Sensor X → AAID 1, Attestation Key 1
• FIDO Authenticator, pure SW based implementation, based on Face Recognition alg. Y → AAID 2, Attestation Key 2
Privacy & Attestation
Bob's FIDO Authenticator (using HW based crypto, based on FP Sensor X) is seen by FIDO SERVER RP1 and FIDO SERVER RP2 only as "Model A": the attestation identifies the model, not the device's Serial #.
Attestation & Metadata
The FIDO Authenticator sends a Signed Attestation Object to the FIDO Server. The server verifies it using the trust anchor included in the Metadata and understands the Authenticator security characteristic by looking into Metadata (and potentially other sources).
Authenticator Meta-Data: See fido-uaf-authnr-metadata
UAF Authentication
Parties: App and FIDO Authenticator (Device); Web App and FIDO Server (Relying Party)
0. Prepare
1. Initiate Authentication (screen: [email protected] Pat Johnson)
2. Auth. Request with Challenge
3. Verify User & Sign Challenge (Key specific to RP Webapp) (screen: Pat Johnson, 650 Castro Street, Mountain View, CA 94041, United States)
4. Auth. Response, carrying the SignedData: • SignatureAlg • Hash(FinalChallenge) • Authenticator random • Signature Counter • Signature, where FinalChallenge = Hash(AppID | FacetID | tlsData | challenge)
5. Success (screen: "Payment complete! Return to the merchant's web site to continue shopping")
Transaction Confirmation
Parties: Browser or Native App and FIDO Authenticator (Device); Web App and FIDO Server (Relying Party)
1. Initiate Transaction
2. Authentication Request + Transaction Text
3. Display Text, Verify User & Unlock Private Key (specific to User + RP Webapp)
4. Authentication Response + Text Hash, signed by User's private key
5. Validate Response & Text Hash using User's Public Key
SignedData: • SignatureAlg • Hash(FinalChallenge) • Authenticator random • Signature Counter • Hash(Transaction Text) • Signature, where FinalChallenge = Hash(AppID | FacetID | tlsData | challenge)
The Authenticator Concept
FIDO Authenticator components:
• User Verification / Presence (where the User interacts with the Authenticator)
• Secure Display (optional component)
• Attestation Key: injected at manufacturing, doesn't change
• Authentication Key(s): generated at runtime (on Registration)
Using Secure Hardware
• FIDO Authenticator in SIM Card: User Verification (PIN); the SIM Card holds the Attestation Key and the Authentication Key(s)
• FIDO Authenticator as Trusted Application (TA) in a Trusted Execution Environment (TEE), with Client Side Biometrics: User Verification / Presence (store at Enrollment, compare at Authentication, unlock after comparison); Attestation Key and Authentication Key(s)
• FIDO Authenticator as Trusted Application (TA) in a TEE, with a Secure Element: User Verification / Presence; Secure Display (e.g. GlobalPlatform Trusted UI); the Secure Element holds the Attestation Key and the Authentication Key(s)
Leveraging hardware security
Three levels, showing which layers (ASM, Crypto Layer, UX Layer for Input and Display) run in User Space and which in Secure Hardware:
• No Secure HW: ASM, UX Layer (Input, Display) and Crypto Layer all in User Space
• Secure Crypto + Storage: ASM and UX Layer (Input, Display) in User Space; Crypto Layer in Secure Hardware
• Secure Execution Environment and/or Secure Elements: ASM in User Space; Crypto Layer and UX Layer (Input, Display) in Secure Hardware
FIDO & Federation
FIDO USER DEVICE: BROWSER / APP, FIDO CLIENT, FIDO AUTHENTICATOR. IdP: FIDO SERVER, FEDERATION SERVER, Id DB. Service Provider: Federation.
First Mile: UAF Protocol between the FIDO User Device and the IdP. Second Mile: Federation between the IdP and the Service Provider.
Labels on the diagram: "Knows details about the Authentication strength"; "Knows details about the Identity and its verification strength."
How FIDO Addresses Threat Classes
UAF Specifications
FIDO at Industry Event – Readiness
• SIM as Secure Element
• Fingerprint, TEE, Mobile
• Speaker Recognition
• Mobile via NFC
• PIN + MicroSD SE
• USB
• Embedded SE
OEM Enabled: Lenovo ThinkPads with Fingerprint Sensors
OEM Enabled: Samsung Galaxy S5 smartphone & Galaxy Tab S tablets
Clients available for these operating systems:
Software Authenticator Examples: Speaker/Face recognition, PIN, QR Code, etc.
Aftermarket Hardware Authenticator Examples: USB fingerprint scanner, MicroSD Secure Element
FIDO READY™ PRODUCTS SHIPPING TODAY
The FIDO Alliance and Nok Nok Labs
Standards: Industry Standard Protocol, "FIDO Ready™"
Products: FIRST FIDO Ready™ Server and Client Software: NNL S3 Suite
Key Industry Partnerships
Call to Action
• FIDO is ready for use – launch a PoC, Pilot
• Get Involved:
  o Develop or adapt your products to FIDO
  o Come to the plenary, meet and mingle, speak with the pioneers, select your partners
  o Join the Alliance and contribute – we are a volunteer run organization
  o Contact [email protected] for membership details
  o Other questions – [email protected]
UAF Registration (detailed message flow)
Parties: Relying Party (example.com); ASM + FIDO Client + Browser; 1stF IAuthnr
Note: This represents using a FIDO First-Factor Internal Authenticator -- it makes the differences to U2F more clear.
1. Relying Party → FIDO Client: username, policy, AppID, challenge
2. FIDO Client: select Authenticator according to policy; check AppID, get tlsData (i.e. channel id, etc.); generate APIKey random, compute access key ak := hash(AppID|APIKey|PersonaID|CallerID); fcp := {a, challenge, facetID, tlsData} (a = AppID)
3. FIDO Client → Authenticator: username u, ak; hash(fcp)
4. Authenticator: generate: key kpub, key kpriv, handle h
5. Authenticator → FIDO Client: aaid, kpub, fc, h, attestation cert, reg-cntr, cntr, signature(aaid,fc,reg-cntr,cntr,kpub) (fc = hash(fcp))
6. FIDO Client → Relying Party: aaid, kpub, fc, h, attestation cert, reg-cntr, cntr, s (s = the signature)
7. Relying Party: store: key kpub, handle h
UAF Authentication (detailed message flow)
Parties: 1stF IAuthnr; ASM + FIDO Client + Browser; Relying Party
Note: NO username+Password login required before this sequence. Click on FIDO Button (or similar trigger) is sufficient.
1. Relying Party → FIDO Client: policy, AppID, challenge
2. FIDO Client: select Authenticator according to policy; check AppID, get tlsData (i.e. channel id, etc.); lookup key handle h and access key ak; fcp := {a, challenge, facetID, tlsData}
3. FIDO Client → Authenticator: h, ak; hash(fcp)
4. Authenticator: check: ak; retrieve: key kpriv from h; cntr++; generate Authnr Nonce n
5. Authenticator → FIDO Client: fc, n, cntr, signature(fc,n,cntr)
6. FIDO Client → Relying Party: fcp, n, cntr, s
7. Relying Party: lookup kpub from DB; check: policy + signature using key kpub
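How the Auth. Response is produced and then checked by the relying party, as an added example (not code from the deck, the FIDO Alliance or Nok Nok Labs): it follows the UAF Authentication slide's SignedData and the detailed authentication flow above, with FinalChallenge hashed from AppID | FacetID | tlsData | challenge, the authenticator signing Hash(FinalChallenge), its random n and the signature counter with the RP-specific P-256 key, and the server checking challenge binding, counter increase (clone detection) and the signature under the stored public key. The byte layout, the "|" separators and the 16-byte nonce are assumptions; the real UAF TLV encoding and the SignatureAlg field are not reproduced.

```go
package main
import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// AuthResponse carries the slides' SignedData fields in a constructed layout (not the real UAF TLV encoding).
type AuthResponse struct {
	FCHash     [32]byte // Hash(FinalChallenge)
	Nonce, Sig []byte   // "Authenticator random" n and the ECDSA P-256 signature
	Counter    uint32   // Signature Counter
}

// NewAuthenticatorKey generates the site-specific key pair created at registration (step 3 of UAF Registration).
func NewAuthenticatorKey() (*ecdsa.PrivateKey, error) { return ecdsa.GenerateKey(elliptic.P256(), rand.Reader) }

// FinalChallenge = Hash(AppID | FacetID | tlsData | challenge), as on the slides; "|" as separator is an assumption.
func FinalChallenge(appID, facetID, tlsData, challenge string) [32]byte {
	return sha256.Sum256([]byte(appID + "|" + facetID + "|" + tlsData + "|" + challenge))
}

// signedDigest is what gets signed: SHA-256 over Hash(FinalChallenge) | n | Signature Counter (big-endian).
func signedDigest(fcHash [32]byte, nonce []byte, counter uint32) []byte {
	d := sha256.Sum256(append(append(fcHash[:], nonce...), byte(counter>>24), byte(counter>>16), byte(counter>>8), byte(counter)))
	return d[:]
}

// AuthenticatorSign is step 3: after verifying the user, sign the challenge with the RP-specific private key.
func AuthenticatorSign(priv *ecdsa.PrivateKey, fc [32]byte, counter uint32) (r AuthResponse, err error) {
	r = AuthResponse{FCHash: sha256.Sum256(fc[:]), Nonce: make([]byte, 16), Counter: counter}
	rand.Read(r.Nonce) // crypto/rand.Read is documented never to fail (Go 1.24+)
	r.Sig, err = ecdsa.SignASN1(rand.Reader, priv, signedDigest(r.FCHash, r.Nonce, counter))
	return r, err
}

// ServerVerify is step 5: challenge/channel binding, counter check (clone detection), signature check; returns the counter to store.
func ServerVerify(pub *ecdsa.PublicKey, lastCounter uint32, expectedFC [32]byte, r AuthResponse) (uint32, error) {
	switch {
	case r.FCHash != sha256.Sum256(expectedFC[:]):
		return lastCounter, errors.New("FinalChallenge mismatch: wrong AppID/facet/channel or stale challenge")
	case r.Counter <= lastCounter:
		return lastCounter, errors.New("signature counter did not increase: possible cloned authenticator")
	case !ecdsa.VerifyASN1(pub, signedDigest(r.FCHash, r.Nonce, r.Counter), r.Sig):
		return lastCounter, errors.New("signature invalid under the registered public key")
	}
	return r.Counter, nil
}
```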
Binding Authenticator to User
Case A: Existing User
1. User A logs in to the Cloud Service with legacy credential
2. Perform FIDO Register function with Authenticator 1 → User A is bound to Authenticator 1
Case B: New User
1. User B creates new account at the Cloud Service (Opt.: verify attrs. with 3rd party)
2. Perform FIDO Register function with Authenticator 2 → User B is bound to Authenticator 2
www.fidoalliance.org/specifications/download
Thank you