1

I need to explain what "conversation" occurs between a FIDO U2F device (YubiKey NEO) and the agent (Chrome).

I want to know if it's a challenge response, and ultimately figure out how much computation occurs on the device.

In the case of NFC, the device isn't powered by anything but inductance. That makes me think the resulting device encryption has a questionable value-add.

makerofthings7

1 Answer

1

Regardless of transport (NFC, USB, BLE), the U2F client (Chrome) merely repacks and forwards the challenge to the device. All crypto is done in the device's secure element.

Basically, the device signs the challenge (provided by the relying party), along with some metadata (provided by the client), such as what URL the browser was currently visiting, etc. (to prevent phishing).

minisu
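The byte-level shape of the exchange described in the answer above, as an added example (not part of the original post or of any FIDO library), following the FIDO U2F raw message layout. The app ID, origins, challenge and counter are constructed sample values, and the ECDSA P-256 signing itself, which happens inside the token, is not performed here.

```python
import base64, hashlib, hmac, json, struct

def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def client_data(challenge, origin):
    """Built by the browser: the RP's challenge plus the origin the browser actually sees."""
    return json.dumps({"typ": "navigator.id.getAssertion",
                       "challenge": b64url(challenge),
                       "origin": origin}, separators=(",", ":")).encode()

def device_request(app_id, cdata):
    """The two 32-byte hashes the client forwards to the token
    (the real request also carries a control byte and the key handle)."""
    app_param = hashlib.sha256(app_id.encode()).digest()
    challenge_param = hashlib.sha256(cdata).digest()
    return app_param, challenge_param

def bytes_to_sign(app_param, challenge_param, counter, user_present=True):
    """What the token signs: app param (32) | presence (1) | counter (4, big-endian) | challenge param (32)."""
    flags = bytes([1 if user_present else 0])
    return app_param + flags + struct.pack(">I", counter) + challenge_param

def rp_check_client_data(cdata, expected_challenge, allowed_origins):
    """Relying-party checks on the client data, done before verifying the signature
    over bytes_to_sign() with the public key stored at registration."""
    d = json.loads(cdata)
    return (d.get("typ") == "navigator.id.getAssertion"
            and hmac.compare_digest(str(d.get("challenge")), b64url(expected_challenge))
            and d.get("origin") in allowed_origins)

if __name__ == "__main__":
    APP_ID = "https://example.com"            # constructed sample values
    CHALLENGE = bytes(range(32))
    for origin in (APP_ID, "https://lookalike.example"):
        cdata = client_data(CHALLENGE, origin)
        app_param, chal_param = device_request(APP_ID, cdata)
        signed = bytes_to_sign(app_param, chal_param, counter=42)
        ok = rp_check_client_data(cdata, CHALLENGE, {APP_ID})
        print(origin, len(signed), "bytes signed, RP accepts client data:", ok)
```

The token's work per authentication is one signature over 69 bytes; because the origin is hashed into the challenge parameter, a response produced on another origin signs different bytes and also fails the relying party's origin check.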