FIDO Authentication Technical Overview

1
FIDO AUTHENTICATION
TECHNICAL OVERVIEW
All Rights Reserved | FIDO Alliance | Copyright 2018

HOW SECURE IS AUTHENTICATION?

CLOUD AUTHENTICATION
DeviceSomething Authentication
Risk Analytics
Internet

PASSWORD ISSUES
Internet
Password could be stolen
from the server
1Password might be entered
into untrusted App / Web-
site (“phishing”)
2
Too many passwords to
remember
(>re-use / cart
Abandonment)
3
Inconvenient to type
password on phone
4

OTP ISSUES
Internet
OTP vulnerable to real-
time MITM and MITB
attacks
1
SMS security questionable,
especially when Device is
the phone
2
OTP HW tokens are
expensive and people don’t
want another device
3
Inconvenient to type
OTP into phone
4

Attacks require physical action → not scalable
Things are never 100% secure, so focus on adequate security.
Focus on the scalable attacks first.
Scalable Attacks

HOW DOES FIDO WORK?

HOW DOES FIDO WORK?
DeviceUser verification FIDO Authentication
Authenticator

FIDO AUTHENTICATORS
We see “Bound” Authenticators,
i.e. authenticators that are an
integral part of a smartphone or laptop.
We see “Roaming” Authenticators,
i.e. authenticators that can be connected to
different smartphones or laptops using
CTAP.
In both categories you find support for different modalities
Verify
User
Verify User
Presence

HOW DOES FIDO WORK?
AuthenticatorUser verification FIDO Authentication
Require user gesture before
private key can be used
Challenge
(Signed) Response
Private key
dedicated to one
app Public key

HOW DOES FIDO WORK?
Same Authenticator
as registered before?
Same User as
enrolled before?
Can recognize the user (i.e.
user verification), but doesn’t
know its identity attributes.

HOW DOES FIDO WORK?
Same Authenticator
as registered before?
Same User as
enrolled before?
Can recognize the user (i.e.
user verification), but doesn’t
know its identity attributes.
Identity binding to be
done outside FIDO:
This this “John Doe
with customer ID X”.

FIDO & Federation
FIDO USER DEVICE
FIDO CLIENT
IdP
FIDO SERVER
FIDO
AUTHENTICATOR
FEDERATION SERVERBROWSER / APP FIDO Protocol
Service Provider
Federation
Id DB
Knows details about the
Authentication strength
Knows details about the
Identity and its
verification strength.
First Mile Second Mile
14

FIDO ECOSYSTEM
… …SE

FIDO ECOSYSTEM
… …SE
How is the key protected
(TPM, SE, TEE, …)?
Which user verification
method is used?

ATTESTATION + METADATA
Private
attestation key
Signed Attestation Object
Metadata
Understand Authenticator
security characteristic by
looking into Metadata from
mds.fidoalliance.org
FIDO Registration
Verify using trust anchor
included in Metadata
Relying parties can store
this for auditing purposes

BINDING KEYS TO RELYING PARTIES
Use A-corp.com key
Use B-corp.com key
A
calc
A
docs
B
One Account – All
Applications
As Mobile App & Web App
A
calc
A
docs
B
Platform determines the
“caller” and passes it to the
Authenticator for selecting the
correct key.
FIDO Client determines the
“caller” (AppID/RP ID) and
passes it to the Authenticator
for selecting the correct key.
b-corp
a-corp

FIDO AUTHENTICATORS
FIDO has an Authenticator Certification program.
Different certification levels address the
needs to protect against scalable and physical attacks.
See https://fidoalliance.org/certification/authenticator-certification-levels/

User Environment
HOW DOES FIDO WORK?
Authenticator
User gesture before
private key can be used
(Touch, PIN entry,
Biometric)
PSD2: (no equivalent)
FIDO: Challenge
PSD2: Authentication Code
FIDO: (Signed) Response
PSD2: Personalized
Security Credential
FIDO: Private key
PSD2: (no equivalent)
FIDO: Public key
PSD2: PSU
FIDO: User
PSD2: ASPSP
FIDO: Relying Party
Local user verification step On-line authentication step

FIDO AUTHENTICATOR CONCEPT
FIDO Authenticator
User
Verification /
Presence
Attestation Key
Authentication Key(s)
Injected at
manufacturing,
doesn’t change
Generated at
runtime (on
Registration)
Optional
Components
Transaction
Confirmation
Display

FIDO BUILDING BLOCKS
(External)
Authenticator
USER DEVICE
FIDO Client
(Bound)
Authenticator
ASM
RP App FIDO Authentication
RP App
Server
FIDO Server
Metadata

FIDO USE CASES
Passwordless Experience
Authenticated Online
3
Biometric User Verification*
21
?
Authentication Challenge Authenticated Online
3
Second Factor Challenge Insert Dongle* / Press Button
Second Factor Experience
*There are other types of authenticators (e.g. PIN)
21

FIDO BUILDING BLOCKS
(Roaming)
Authenticator
User Device
Browser
(Bound)
Authenticator
Platform
RP App FIDO Authentication
RP App
Server
FIDO Server
Metadata
Web
Authentication
JS API
CTA
P

WEB AUTHENTICATION
Supported In:
JavaScript API that enables
FIDO Authentication directly in web browsers

FIDO AUTHENTICATION:
SECURITY & CONVENIENCE

CONVENIENCE & SECURITY
Security
Convenience
Password

Security
Convenience
Password + OTP
Password

Security
Convenience
Password + OTP
Password
FIDO
In FIDO
• Same user verification method
for all servers
In FIDO: Arbitrary user verification
methods are supported
(+ they are interoperable)

Security
Convenience
Password + OTP
Password
FIDO
In FIDO: Scalable security
depending on Authenticator
implementation
In FIDO:
• Only public keys on server
• Not phishable

CONCLUSION
• Different authentication use-cases lead to different
authentication requirements
• FIDO separates user verification from authentication and
hence supports all user verification methods
• FIDO supports scalable convenience & security
• User verification data is known to Authenticator only
• FIDO complements federation

FIDO REGISTRATION
accountInfo, challenge, [cOpts]
rpId, ai, hash(clientData), cryptoP, [exts]
verify user
generate:
key kpub
key kpriv
credential c
c,kpub,clientData,ac,cdh,rpId,cntr,AAGUID[,exts],
signature(tbs)
c,kpub,clientData,ac,tbs, s
store:
key kpub
c
s
Authenticator
select Authenticator according to cOpts;
determine rpId, get tlsData;
clientData := {challenge, origin, rpId, hAlg, tlsData}
cOpts: crypto params, credential black list,
extensions
cdh
ai
tbs
ac: attestation certificate chain

FIDO AUTHENTICATION
Authenticator Relying Party
rpId, [c,] hash(clientData)
select Authenticator according to policy;
check rpId, get tlsData (i.e. channel id, etc.);
lookup key handle h;
clientData := {challenge, rpId, tlsData}
clientData,cntr,[exts],signature(cdh,cntr,exts)
clientData, cntr, exts, s
lookup kpub
from DB
check:
exts +
signature
using
key kpub
s
cdh
challenge, [aOpts]
verify user
find
key kpriv
cntr++;
process exts

FIDO Authentication Technical Overview

More Related Content

What's hot (20)

Similar to FIDO Authentication Technical Overview (20)

More from FIDO Alliance (20)

Recently uploaded (20)

FIDO Authentication Technical Overview