Download - 安全身份认证协议与fido DEFCON GROUP 010 2017-3-30
Transcript
FIDO
2017/3/30 www.opsefy.com1
A Quick Demo on U2F
www.opsefy.com2
FIDOFast Identity OnlineU2FUAF2
www.opsefy.com3
FIDO Universal 2nd FactorFIDO Universal Authentication Framework
3
SW-based Password Manager HW-based Password Manager
www.opsefy.com4
24
Caseswww.opsefy.com5The FappeningEtc..
Sim
Password-based-Challenge-ResponseIP Camera Search & RouterQR Code ScanFIDO5
www.opsefy.com6
http://tcca.crypto.cn/sharedimages/articles/CICA2015/FIDO.pdf
+TEE/SE
6
FIDO Client /OS&SSLURL++SSL ChannelIDURLChallenge Param, App ParamPRKPUK+
Counter
Counter
U2F7www.opsefy.com
NounceURL+SSL ChannelID PUKCounter
7
www.opsefy.com8
ClientOS/etc.
NameKey HandleOther Infor.AliceDCEFGE..BobFKMLIS..
DCEFGE..
8
TEE/eSE/inSEetc.www.opsefy.com9
9
10www.opsefy.com