3

I'm reading this paper from Yubico on Universal Second Factor and OpenID Connect and see the description about ephemeral keys

I'm confused on when a ephemeral key is used, and under what conditions they are cached.

From the Yubico document.

Page 7:

U2F does have a trust chain similar to the certificate authorities found in traditional PKI, but this is not tied directly to the key pairs issued by the U2F device. Instead, this trust chain is tied the device’s identifier certificates. These device certificates are used alongside the ephemeral keys to identify the device itself (or a batch of devices), allowing knowledgeable RPs to make informed decisions about which device manufacturers they are willing to accept.

Page 9

Why would such caching systems be widely used when they clearly subvert a fundamental aspect of the security components? A system that constantly prompts a user for the same PIN again and again is likely to be ignored or rejected by users annoyed at the constant prompting. The use of a credential cache is often considered a reasonable tradeoff. However, the U2F design avoids having to make this tradeoff decision in the first place by explicitly declaring that the ephemeral keys are used to identify the device alone.

makerofthings7
  • 50,090
  • 54
  • 250
  • 536

1 Answers1

1

First a quick FIDO U2F Cheat Sheet here (because it is easy to get lost...) www.neowave.fr/pdfs/FIDO-U2F-CHEAT-SHEET.pdf

Regarding Page 7:

FIDO U2F stored identities are based on public and private keys (asymmetric cryptography), each website service account makes the FIDO U2F device (it can be FIDO U2F USB Security Keys, FIDO U2F NFC Cards and FIDO U2F BLE Devices soon) generating its own key pairs. This is not like a standard PKI smart card solution where most of the time there is a shared user identity certificate. But... each just after being generated on the FIDO U2F device, each public key is digitally signed by a "production private key" inside the FIDO U2F device before being sent back to the server. The FIDO U2F provides a "production public key" inside a "attestation certificate" attached to the public key and public key signature. This "attestation certificate" and associated production public key may be the same on several devices from a same production batch ("batch of devices") and info inside this certificate is signed by the "Manufacturer Private Key"... and if you make products that are certified by the FIDO Alliance, you can (not mandatory) even register the "Manufacturer Public Key" on the official metadata service here: fidoalliance.org/mds/ where info is signed by the Fido Alliance private key (root cert here: mds.fidoalliance.org/Root.cer)

So.. as you see, even if "user keys" are anonymous and isolated/different (ephemeral keys) for each server/services, there is still a kind of chain of Trust you can find and use. (Note: for many reasons, most of services are not verifying this chain for now)

Regarding Page 9:

This is a note about standard PKI devices (smart card protected by PIN) not about FIDO U2F. Since asking for a PIN for each action with standard smart card PKI based solution may be tedious, this PIN entry is sometimes "cached" to simplify user interactions and this may break part of the solution security. This is a way to explain the FIDO U2F user experience choice: using name and password THEN FiDO U2F device as a secure second factor (without PIN protection).

Chenmunka
  • 629
  • 4
  • 11
  • 19
FredericMARTIN
  • 581
  • 3
  • 8
  • As far as the "chain of trust" is concerned I just posted a tin foil rant about U2F yesterday. http://security.stackexchange.com/questions/151675/how-to-secure-google-account-from-sim-hijacking-intercepting-two-factor-sms-co/151836#151836 – cornelinux Feb 21 '17 at 17:35
  • 1
    I can't reply there because my reputation did not reach 50 points but I think you completely misunderstood what the attestation certificate is. There is no such thing as a unique info inside attestation certificate, no serial number related to you, this is not even YOUR certificate and this is completely wrong : "The key pair you are registering with google is derivated from the private key belonging to this certificate". Attestation certificate is the same inside many units from the same production batch and this is a public info. There is another problem with Yubico... but not this one... – FredericMARTIN Feb 21 '17 at 23:29
  • I realized you are part of the PrivacyIDEA great project, so it is strange you misunderstood this... perhaps you can elaborate more precisely here about the "tun foil rant" thing. I still think you got something wrong... I just pinged you on linkedin too. At the end, I'll post the result of the discussion here :) – FredericMARTIN Feb 22 '17 at 00:12
  • 1
    Hi @FredericMARTIN, thanks for pointing me to my mistake! I updated my other post accordingly. – cornelinux Feb 25 '17 at 09:57