Breaking FIDO Yubico. Are Exploits in There?

Similar documents
Stop sweating the password and learn to love public key cryptography. Chris Streeks Solutions Engineer, Yubico

EXPERIENCE SIMPLER, STRONGER AUTHENTICATION

FIDO TECHNICAL OVERVIEW. All Rights Reserved FIDO Alliance Copyright 2018

Deprecating the Password: A Progress Report. Dr. Michael B. Jones Identity Standards Architect, Microsoft May 17, 2018

Authentication Technology for a Smart eid Infrastructure.

SurePassID ServicePass User Guide. SurePassID Authentication Server 2017

Attacking Your Two-Factor Authentication (PS: Use Two-Factor Authentication)

Addressing Credential Compromise & Account Takeovers: Bearersensitive. Girish Chiruvolu, Ph.D., CISSP, CISM, MBA ISACA NTX April 19

Internet is Global. 120m. 300m 1.3bn Users. 160m. 300m. 289m

Lecture 14 Passwords and Authentication

Last mile authentication problem

MAN-IN-THE-MACHINE: EXPLOIT ILL-SECURE COMMUNICATION INSIDE THE COMPUTER

THE FUTURE OF AUTHENTICATION FOR THE INTERNET OF THINGS

Vidder PrecisionAccess

Practical Issues with TLS Client Certificate Authentication

OpenID Security Analysis and Evaluation

Web Security, Summer Term 2012

Web Security, Summer Term 2012

Berner Fachhochschule Haute cole spcialise bernoise Berne University of Applied Sciences 2

The PKI Lie. The OWASP Foundation Attacking Certificate Based Authentication. OWASP & WASC AppSec 2007 Conference

Intruders, Human Identification and Authentication, Web Authentication

Dissecting NIST Digital Identity Guidelines

EXPERIENCE SIMPLER, STRONGER AUTHENTICATION

Florence Blanc-Renaud Senior Software Engineer - Identity Management - Red Hat

OATH-HOTP. Yubico Best Practices Guide. OATH-HOTP: Yubico Best Practices Guide Yubico 2016 Page 1 of 11

SCM STAR Supplier Entitlement Change of login mechanism. Unrestricted Siemens AG 2018

A National e-authentication Service

Proving who you are. Passwords and TLS

Who What Why

SELF SERVICE INTERFACE CODE OF CONNECTION

Hong Kong Access Federation (HKAF) Identity Management Practice Statement (IMPS)

Authentication Methods

IMPLEMENTING MICROSOFT CREDENTIAL GUARD FOR ISO 27001, PCI, AND FEDRAMP

Improving Password Management. Laura Raderman, Policy and Compliance Coordinator, ISO Ole Villadsen, Research Liaison, Cybersecurity, UL

USER AUTHENTICATION GUIDANCE FOR INFORMATION TECHNOLOGY SYSTEMS

BEYOND TRADITIONAL PASSWORD AUTHENTICATION: PKI & BLOCKCHAIN

Preventing Attackers From Using Verifiers: A-PAKE With PK-Id

Information Security CS 526

Attacks Against Websites. Tom Chothia Computer Security, Lecture 11

Pro s and con s Why pins # s, passwords, smart cards and tokens fail

Account Takeover: Why Payment Fraud Protection is Not Enough

How Next Generation Trusted Identities Can Help Transform Your Business

Client Certificates Are Going Away

Passwords Are Dead. Long Live Multi-Factor Authentication. Chris Webber, Security Strategist

P2_L12 Web Security Page 1

Digital Identity Trends in Banking

Rethinking Authentication. Steven M. Bellovin

SAML-Based SSO Solution

Computer Security 3/20/18

Security Specification

Computer Security. 08. Authentication. Paul Krzyzanowski. Rutgers University. Spring 2018

Enterprise Adoption Best Practices

On the Effective Prevention of TLS Man-in-the-Middle Attacks in Web Applications

SSL Server Rating Guide

Security analysis of OpenID, followed by a reference implementation of an npabased OpenID provider

Universal 2nd Factor (U2F) Overview

Attacks Against Websites 3 The OWASP Top 10. Tom Chothia Computer Security, Lecture 14

epass FIDO -NFC PRODUCT MANUAL

Chapter 9: Key Management

Hybrid Identity de paraplu in de cloud

Cloud sicherung durch Adaptive Multi-factor Authentication

We Believe: The market will soon require:

Getting Started with Duo Security Two-Factor Authentication (2FA)

Dashlane Security White Paper July 2018

Secure Application Development. OWASP September 28, The OWASP Foundation

Humanistic Multi-Factor Authentication (MFA) Why We Don't Use MFA

Key Management. Digital signatures: classical and public key Classic and Public Key exchange. Handwritten Signature

pinremote Manual Version 4.0

Combating Common Web App Authentication Threats

THE SECURITY LEADER S GUIDE TO SSO

Welcome Guide for MP-1 Token for Microsoft Windows

for Compound Authentication

Securing Internet Communication

Managed Access Gateway One-Time Password Hardware Tokens. User Guide

Provide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any

Remote Access with Imprivata Two-factor Authentication

Yubico with Centrify for Mac - Deployment Guide

Hardware One-Time Password User Guide November 2017

KEY DISTRIBUTION AND USER AUTHENTICATION

PRACTICAL PASSWORD AUTHENTICATION ACCORDING TO NIST DRAFT B

UFED Cloud Analyzer. Traces and changes. February Version 6.0

FIDO Alliance: Standards-based Solutions for Simpler, Strong Authentication

Software Token Enrollment: SafeNet MobilePASS+ for Apple ios

More than just being signed-in or signed-out. Parul Jain, Architect,

Wireless LAN Security. Gabriel Clothier

Introduction...1. Authentication Methods...1. Classes of Attacks on Authentication Mechanisms...4. Security Analysis of Authentication Mechanisms...

Azure Multi-Factor Authentication: Who do you think you are?

Web Application Security. Philippe Bogaerts

A New Conditional Key based Authentication for Secure Shopping

YubiKey Smart Card Minidriver User Guide. Installation and Usage YubiKey 4, YubiKey 4 Nano, YubiKey 4C, YubiKey 4C Nano, YubiKey NEO, YubiKey NEO-n

Safelayer's Adaptive Authentication: Increased security through context information

isupplier Portal: Multi-Factor Authentication and One-Time- Passcodes Last Updated: 4-Jun-18 Level 4 - Public INFRASTRUCTURE MINING & METALS

Bank Infrastructure - Video - 1

SAML-Based SSO Solution

<Partner Name> <Partner Product> RSA SECURID ACCESS. NetMove SaAT Secure Starter. Standard Agent Client Implementation Guide

ALAP - AgiLe Authentication Provider

What is Authentication? All requests for resources have to be monitored. Every request must be authenticated and authorized to use the resource.

DID WE LOSE THE BATTLE FOR A SECURE WEB?

Google Identity Services for work

Hardware One-Time Password User Guide August 2018

Transcription:

Breaking FIDO Are Exploits in There?

FIDO U2F (Universal 2nd Factor) Analyzing FIDO U2F Attack and Countermeasures Implementation Considerations Resources 2

User Experience 1. Enter username/pwd 2. Insert U2F device 3. Touch U2F device 3

Core Features & Supporting Sites Scalable - Works across any number of services - Remote provisioning Secure - Protects against phishing & MitM - Verifies user presence Simple UX - Single gesture operation Open Standard - Native platform/browser support 4

Challenge Parameter (c) Client Data = Challenge, Origin, Channel ID c = SHA-256 hash (Client Data) 5

Registration U2F Device Client Server AppID, challenge Verify AppID AppID, client data Generate: private key public key key handle public key, key handle, signature Construct client data containing challenge, origin, channel ID pk, kh, sig, client data Verify client data Verify sig Store pk, kh 6

Authentication U2F Device Client Server AppID, challenge, key handle Verify AppID Retrieve private key Verify AppID Sign client data counter ++ AppID, client data, key handle counter, signature Construct client data containing challenge, origin, channel ID Fetch public key, key handle for user counter, signature, client data Verify client data Verify sig 7

Replay sessions acme.com Attacker Reuse credentials Password DB stolen not_protected.com Attacker 8

Password Reuse & Replay Attack U2F Device Relying Party Client challenge challenge Lookup kpub Sign with kpriv signature(challenge) s s Check signature (s) using kpub 9

Attacker site acm3.com acme.com Phishing (pwd, OTP, SMS, Push) Attacker 10

Attacker site acm3.com acme.com Phishing Proof of user presence Attacker 11

Phishing Protection U2F Device Relying Party Client challenge challenge, origin, channel id Retrieve private key Verify AppID Sign client data Lookup kpub c signature(c) s c, s Check s using kpub Verify origin & channel id 12

1 MitM (fake/stolen cert, BEAST) 2 acme.com steal assertion 4 use cookie 3 Proof of user presence Attacker 13

Hijack User Login Session U2F Device Client Server AppID, challenge, key handle Verify AppID AppID, client data, key handle Retrieve private key Verify AppID Sign client data signature Construct client data containing challenge, origin, channel ID Fetch public key, key handle for user signature, client data steal cookie Verify client data Verify sig 14

Channel ID (Token Binding) TLS Bind Token with Token Binding ID Token Binding (Private Key) Token Binding ID: Hash<Public Key> acme.com Token Binding (Public Key) 15

Token Binding acme.com server Steal assertion Proof of user presence No assertion or cookie reuse Attacker 16

MitM Protection U2F Device Relying Party Client challenge challenge, origin, channel id Verify AppID Sign client data c signature(c) s Lookup kpub c, s Check s using kpub Verify origin & channel id 17

I promise a user was here The server challenge was: KSDJsdASc8-A17pW The origin was: accounts.acme.com The TLS connection state was: 3454567 Sincerely, your Browser Origin mismatch for key handle => MitM attack! Incorrect origin name => MitM attack! Channel ID mismatch => MitM attack! 18

Malware Attacker acme.com server 19

Compromised Client U2F Device Client Server AppID, challenge, key handle Verify AppID AppID, client data, key handle Retrieve private key Verify AppID Sign client data signature Construct client data containing challenge, origin, channel ID Fetch public key, key handle for user signature, client data Verify client data Verify sig 20

Extract/Export Private Key Attacker acme.com server Proof of user presence

What are the Alternatives? Smart card => Scaling OTP/SMS => Phishing Push notification => Phishing Google s research paper on FIDO U2F deployment: yubico.com/google-study 22

Implementation Considerations Registration flow - TOFU (Trust On First Use) - Attacker enables FIDO on account first - User sets up weak backup options Recovery flow - Lowering the level of assurance - Lost/stolen authenticator/device - Onboarding credentials to new devices 23

How to Get Started? Learn Read the specifications dev.yubi.co/u2f & github.com/dainnilsson/u2f-tutorial Go through a MiniTwit U2F tutorial MiniTwit training video Implement Google reference code github.com/google/u2f-ref-code Build your own U2F server dev.yubi.co/u2f/libraries Use Yubico standalone U2F server dev.yubi.co/u2fval Test Yubico U2F demo server demo.yubico.com/u2f Google U2F demo server u2fdemo.appspot.com 24

Thank you! Questions

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback