CIS14: An Overview of FIDO's Universal Factor (UAF) Specifications

FIDO UAF Overview


Rolf Lindemann, Nok Nok Labs. Introduction to the UAF protocol, which is designed to provide a “passwordless” experience, discussing potential use cases and implementation models, with a real-world example shown via the FIDO client on the Samsung Galaxy S5.

Transcript of CIS14: An Overview of FIDO's Universal Factor (UAF) Specifications

Page 1: CIS14: An Overview of FIDO's Universal Factor (UAF) Specifications

FIDO UAF Overview

Page 2: Cloud Authentication

Page 3: Password Issues

1. Password might be entered into untrusted App / Web-site (“phishing”)
2. Password could be stolen from the server
3. Too many passwords to remember -> re-use / cart abandonment
4. Inconvenient to type password on phone

Page 4: OTP Issues

1. OTP vulnerable to real-time MITM and MITB attacks
2. SMS security questionable, especially when Device is the phone
3. OTP HW tokens are expensive and people don’t want another device
4. Inconvenient to type OTP on phone

Page 5: Authentication silos: COMPLEXITY, REDUNDANCY, COSTS

[Diagram: Applications (App 1, App 2, New App ?) at relying parties (RP 1, ...) versus Authentication Methods, each application tied to its own method]

Page 6: How does FIDO UAF work?

[Diagram: Device]

Page 7: How does FIDO UAF work?

[Diagram: Device, ... SE]

Pages 8-9: How does FIDO UAF work?

Same Authenticator as registered before? Same User as enrolled before?

Can recognize the user (i.e. user verification), but doesn’t have an identity proof of the user.

Identity binding to be done outside FIDO: This is “John Doe with customer ID X”.

Page 10: How does FIDO UAF work?

- Generate key pair in Authenticator and give public key to server
- Verify user before signing authentication response
- Provide cryptographic proof of authenticator model
- Use Metadata to understand Authenticator model security characteristic
- Define policy of acceptable Authenticators
- Use site-specific keys in order to protect privacy
- Knows user IDs for registered web sites

Pages 11-20: UAF Registration (one sequence diagram, built up step by step over these slides)

Participants: Device (App, FIDO Authenticator) and Relying Party (Web App, FIDO Server)

0. Prepare
1. Legacy Auth + Initiate Reg.
2. Reg. Request + Policy (app screen: “[email protected] Pat Johnson – Link your fingerprint”)
3. Verify User & Generate New Key Pair (specific to RP Webapp)
4. Reg. Response
5. Success

Key Registration Data:
- Hash(FinalChallenge)
- AAID
- Public key
- KeyID
- Registration Counter
- Signature Counter
- Signature (attestation key)

FinalChallenge = Hash(AppID | FacetID | tlsData | challenge)

Page 21: FIDO Building Blocks

[Diagram]
- FIDO USER DEVICE: BROWSER / APP, FIDO CLIENT, ASM, FIDO AUTHENTICATOR (Attestation key, Authentication keys)
- RELYING PARTY: WEB SERVER (TLS Server Key), FIDO SERVER (Cryptographic authentication key reference DB; Authenticator Metadata & attestation trust store)
- Metadata Service (Update)
- UAF Protocol

Page 22: AAID & Attestation

[Diagram: two FIDO Authenticator models, one using HW based crypto and based on FP Sensor X, one a pure SW based implementation based on Face Recognition alg. Y; each model has its own AAID and Attestation Key (AAID 1 / Attestation Key 1, AAID 2 / Attestation Key 2)]

AAID: Authenticator Attestation ID (= model name)

Page 23: Privacy & Attestation

[Diagram: Bob’s FIDO Authenticator (Using HW based crypto, Based on FP Sensor X) registered with FIDO SERVER RP1 and FIDO SERVER RP2; labels “Model A” (three times) and “Serial #”]

Page 24: Attestation & Metadata

[Diagram: FIDO AUTHENTICATOR sends a Signed Attestation Object to the FIDO SERVER, which holds the Metadata]

- Verify using trust anchor included in Metadata
- Understand Authenticator security characteristic by looking into Metadata (and potentially other sources)

Page 25: Authenticator Meta-Data

See fido-uaf-authnr-metadata

Pages 26-34: UAF Authentication (one sequence diagram, built up step by step over these slides)

Participants: App, FIDO Authenticator, Web App, FIDO Server

0. Prepare
1. Initiate Authentication
2. Auth. Request with Challenge
3. Verify User & Sign Challenge (Key specific to RP Webapp) (app screens: “[email protected] Pat Johnson”; “Pat Johnson, 650 Castro Street, Mountain View, CA 94041, United States”)
4. Auth. Response
5. Success (app screen: “Payment complete! Return to the merchant’s web site to continue shopping” / “Return to the merchant”)

SignedData:
- SignatureAlg
- Hash(FinalChallenge)
- Authenticator random
- Signature Counter
- Signature

FinalChallenge = Hash(AppID | FacetID | tlsData | challenge)

Page 35: Transaction Confirmation

Participants: Device (Browser or Native App, FIDO Authenticator) and Relying Party (Web App, FIDO Server)

1. Initiate Transaction
2. Authentication Request + Transaction Text
3. Display Text, Verify User & Unlock Private Key (specific to User + RP Webapp)
4. Authentication Response + Text Hash, signed by User’s private key
5. Validate Response & Text Hash using User’s Public Key

SignedData:
- SignatureAlg
- Hash(FinalChallenge)
- Authenticator random
- Signature Counter
- Hash(Transaction Text)
- Signature

FinalChallenge = Hash(AppID | FacetID | tlsData | challenge)

Page 36: The Authenticator Concept

[Diagram: FIDO Authenticator and User]
- User Verification / Presence
- Secure Display
- Attestation Key: injected at manufacturing, doesn’t change
- Authentication Key(s): generated at runtime (on Registration)
- Optional Components

Page 37: Using Secure Hardware: FIDO Authenticator in SIM Card

[Diagram: SIM Card holding the Attestation Key and Authentication Key(s); User Verification (PIN)]

Page 38: Trusted Execution Environment (TEE): FIDO Authenticator as Trusted Application (TA), Client Side Biometrics

[Diagram: User Verification / Presence; Attestation Key; Authentication Key(s). Client side biometrics: Store at Enrollment, Compare at Authentication, Unlock after comparison]

Page 39: Using Secure Hardware: Trusted Execution Environment (TEE), FIDO Authenticator as Trusted Application (TA)

[Diagram: User Verification / Presence; Secure Display (e.g. GlobalPlatform Trusted UI); Secure Element holding the Attestation Key and Authentication Key(s)]

Page 40: Leveraging hardware security

[Diagram: columns User Space and Secure Hardware; three rows, each with ASM, UX Layer (Input, Display) and Crypto Layer, with more of the layers placed in Secure Hardware from row to row]
- No Secure HW
- Secure Crypto + Storage
- Secure Execution Environment and/or Secure Elements

Page 41: FIDO & Federation

[Diagram: FIDO USER DEVICE (BROWSER / APP, FIDO CLIENT, FIDO AUTHENTICATOR) – UAF Protocol – IdP (FIDO SERVER, FEDERATION SERVER, Id DB) – Federation – Service Provider]

- First Mile: knows details about the Authentication strength
- Second Mile: knows details about the Identity and its verification strength

Page 42: How FIDO Addresses Threat Classes

Page 43: UAF Specifications

Page 44: FIDO at Industry Event – Readiness

[Diagram of authenticator types: SIM as Secure Element; Fingerprint, TEE, Mobile; Speaker Recognition; Mobile via NFC; PIN + MicroSD SE; USB; Embedded SE]

Page 45

Page 46: FIDO READY™ PRODUCTS SHIPPING TODAY

- OEM Enabled: Lenovo ThinkPads with Fingerprint Sensors
- OEM Enabled: Samsung Galaxy S5 smartphone & Galaxy Tab S tablets
- Clients available for these operating systems:
- Software Authenticator Examples: Speaker/Face recognition, PIN, QR Code, etc.
- Aftermarket Hardware Authenticator Examples: USB fingerprint scanner, MicroSD Secure Element

Page 47: The FIDO Alliance and Nok Nok Labs

- Standards: Industry Standard Protocol, “FIDO Ready™”
- Products: FIRST FIDO Ready™ Server and Client Software: NNL S3 Suite
- Key Industry Partnerships

Page 48: Call to Action

• FIDO is ready for use – launch a PoC, Pilot
• Get Involved:
  o Develop or adapt your products to FIDO
  o Come to the plenary, meet and mingle, speak with the pioneers, select your partners
  o Join the Alliance and contribute – we are a volunteer run organization
  o Contact [email protected] for membership details
  o Other questions – [email protected]

Page 49

Page 50: UAF Registration

Participants: 1stF IAuthnr, ASM + FIDO Client + Browser, Relying Party (example.com). In the diagram, a is the AppID inside fcp and s is the signature.

- Relying Party -> Client: username, policy, AppID, challenge
- Client: select Authenticator according to policy; check AppID, get tlsData (i.e. channel id, etc.); generate APIKey random, compute access key ak := hash(AppID|APIKey|PersonaID|CallerID); fcp := {a, challenge, facetID, tlsData}; fc = hash(fcp)
- Client -> Authenticator: username u, ak; hash(fcp)
- Authenticator: generate key kpub, key kpriv, handle h
- Authenticator -> Client: aaid, kpub, fc, h, attestation cert, reg-cntr, cntr, signature(aaid,fc,reg-cntr,cntr,kpub)
- Client -> Relying Party: aaid, kpub, fc, h, attestation cert, reg-cntr, cntr, s
- Relying Party: store: key kpub, handle h

Note: This represents using a FIDO First-Factor Internal Authenticator -- it makes the differences to U2F more clear.

Page 51: UAF Authentication

Participants: 1stF IAuthnr, ASM + FIDO Client + Browser, Relying Party

- Relying Party -> Client: policy, AppID, challenge
- Client: select Authenticator according to policy; check AppID, get tlsData (i.e. channel id, etc.); lookup key handle h and access key ak; fcp := {a, challenge, facetID, tlsData}; fc = hash(fcp)
- Client -> Authenticator: h, ak; hash(fcp)
- Authenticator: check: ak; retrieve: key kpriv from h; cntr++; generate Authnr Nonce n
- Authenticator -> Client: fc, n, cntr, signature(fc,n,cntr)
- Client -> Relying Party: fcp, n, cntr, s
- Relying Party: lookup kpub from DB; check: policy + signature using key kpub

Note: NO username+Password login required before this sequence. Click on FIDO Button (or similar trigger) is sufficient.

Page 52: Binding Authenticator to User, Case A: Existing User

1. User A logs in to the Cloud Service with legacy credential
2. Perform FIDO Register function with Authenticator 1
Result: User A is bound to Authenticator 1

Page 53: Binding Authenticator to User, Case B: New User

1. User B creates a new account at the Cloud Service (Opt.: verify attrs. with 3rd party)
2. Perform FIDO Register function with Authenticator 2
Result: User B is bound to Authenticator 2

Page 54: www.fidoalliance.org/specifications/download

Page 55: Thank you