uaf tutorial

Download UAF Tutorial

Post on 03-Jan-2017

213 views

Category:

Documents

0 download

Embed Size (px)

TRANSCRIPT

  • UAF Technical Overview

    Davit Baghdasaryan Nok Nok Labs

  • UAF

    http://www.fidoalliance.org/specifications

  • How does UAF work?

    Relying Party

    FIDO Authenticators

    Verification

  • FIDO RegistrationREGISTRATION BEGINS USER APPROVAL

    REGISTRATION COMPLETE NEW KEY CREATED

    USER APPROVALUSER APPROVAL

    KEY REGISTEREDKEY REGISTERED

    1 2

    Using Public key

    Cryptography

    4 3

  • FIDO LoginLOGIN USER APPROVAL

    LOGIN COMPLETE KEY SELECTED

    LOGIN CHALLENGELOGIN CHALLENGE

    LOGIN RESPONSELOGIN RESPONSE

    1 2

    4 3

    Login

    Using Public key

    Cryptography

  • UAF Design Considerations

  • Decouple User Verification Method from Authentication Protocol

    LOGIN USER APPROVAL

    REGISTRATION COMPLETE KEY SELECTED

    LOGIN CHALLENGE

    LOGIN RESPONSE

    1 2

    4 3

    Leverage public key cryptography

    ONLINE SECURITY PROTOCOL

    ONLINE SECURITY PROTOCOL

    PLUGGABLE LOCAL AUTH

    PLUGGABLE LOCAL AUTH

  • No 3rd Party in the Protocol

  • No secrets on Server side

  • Focus on User Privacy

    Biometric data never leaves users device

    No linkability between RPs

    No linkability between RP accounts

  • Embrace all kinds of Authenticators

    software, proprietary hardware, certified hardware, ...

  • Risk Based Authentication

    Login to online account

    Change shipping address

    Transfer $10.000

    Low

    High

  • UAF Architecture

  • User Device

    User AgentUser Agent Mobile AppsMobile Apps

    FIDO UAF ClientFIDO UAF Client

    Authenticator AbstractionAuthenticator Abstraction

    AuthenticatorsAuthenticatorsAuthenticatorsAuthenticators

    Private KeysPrivate Keys

    Authentication KeysAttestation Key

    Authentication KeysAttestation Key

    UAF AuthenticatorsUAF Authenticators

    Relying Party

    Web ApplicationWeb Application

    FIDO UAF ServerFIDO UAF Server

    Authentication KeysAttestation Key

    Authentication KeysAttestation Key

    Public KeysRegistration, Authentication & Transaction Confirmation

    UAFProtocol

  • UAF Protocol

    Discovery of authenticators on the client

    Registration

    Authentication

    Transaction Confirmation

    Deregistration

  • Registration

    Initiate Registration

    Registration Response + Attestation

    + Users Public Key Validate Response

    & Attestation, Store Users

    Public Key

    Registration Request+ Policy

    FIDOServe

    r

    FIDOServe

    r

    FIDOAuthenticat

    or

    FIDOAuthenticat

    or

    Web App

    Browser or Native

    App

    2

    4

    5

    Device Relying Party

    1

    3 Verify User &

    Generate New Key Pair

    (specific to RP Webapp)

  • Relying Party

    (example.com)

    username, policy, AppID, challenge

    username, ak; hash(fcp)

    a

    generate:key kpub key kprivkh

    aaid, kpub, fc, kh, attestation cert, cntr,signature(aaid,fc,reg-cntr,cntr,kpub)

    aaid, kpub, fc, attestation cert, cntr, s store:

    key kpub

    s

    UAF Registration

    ASM + FIDO Client + Browser1stF IAuthnr

    select Authenticator according to policy;check AppID, get tlsData (i.e. channel id, etc.);

    generate APIKey random, compute access key

    ak := hash(a|APIKey|PersonaID|CallerID)fcp := {a, challenge, facetID, tlsData}

    fc

    Note: This represents using a FIDO First-Factor Internal Authenticator -- it makes the differences to U2F more clear.

  • Attestation

    FIDO Authenticator

    FIDO Authenticator

    Using HW based crypto

    Pure SW based implementation

    Based on FP Sensor X

    Based on Face Recognition alg. Y

    AAID 1

    AAID 2

    Attestation Key 1

    Attestation Key 2

  • FIDOAuthenticat

    or

    FIDOAuthenticat

    orInitiate Authentication

    Authentication Response

    signed by Users private key

    ValidateResponse using

    Users Public Key

    Authentication Request + Challenge

    + Policy

    FIDOServe

    r

    FIDOServe

    r

    Web App

    Browser or Native

    App

    2

    4

    5

    Device Relying Party

    1

    3

    Verify User & Exercise Private

    Key(specific to User + RP)

    Authentication

  • 1stF IAuthnrASM + FIDO Client

    + BrowserRelying Party

    kh, ak; hash(fcp)

    select Authenticator according to policy;check AppID, get tlsData (i.e. channel id, etc.);

    lookup key handle h and access key ak;fcp := {a, challenge, facetID, tlsData}check: ak

    retrieve: key kpriv from kh;cntr++generate Authnr Nonce n

    fc, n, cntr, signature(fc,n,cntr)

    fcp, n, cntr, s

    lookup kpub from DBcheck:policy +signatureusingkey kpub

    s

    UAF Authentication

    fc

    a

    policy, AppID, challenge

    Note: NO username+Password login required before this sequence. Click on FIDO Button (or similar trigger) is sufficient.

  • FIDOServe

    r

    FIDOServe

    r

    Browser or Native

    App

    FIDOAuthenticat

    or

    FIDOAuthenticat

    or Initiate Transaction

    Authentication Response

    + Text Hash, signed by Users private key

    ValidateResponse &

    Text Hashusing Users Public

    Key

    Authentication Request +

    Transaction Text

    2

    4

    5

    Device Relying Party

    1

    3

    Web App

    Display Text, Verify User &

    Exercise Private Key

    (specific to User + RP)

    Transaction Confirmation

  • UAF Authenticator

    Bound Authenticator

    Roaming Authenticator

    Other metadata (verification method, key protection, secure display, )

  • FIDO Authenticator

    User Verification

    Secure Display

    Attestation Key

    Authentication Key(s)

    User

    Injected at manufacturing, doesnt change

    Generated at runtime (on Registration)

    Optional

  • Thank you

    Slide 1UAFHow does UAF work?FIDO RegistrationFIDO LoginUAF Design ConsiderationsDecouple User Verification Method from Authentication ProtocolNo 3rd Party in the ProtocolNo secrets on Server sideFocus on User PrivacySlide 11Risk Based AuthenticationUAF ArchitectureSlide 14UAF ProtocolRegistrationSlide 17AttestationAuthenticationSlide 20Transaction ConfirmationUAF AuthenticatorSlide 23Slide 24Slide 25