Presentation is loading. Please wait.

Presentation is loading. Please wait.

1. U2F Case Study Examining the U2F paradox 3 What is Universal 2 nd Factor (U2F)?

Published byAdrian Cunningham Modified over 9 years ago

Similar presentations

Presentation on theme: "1. U2F Case Study Examining the U2F paradox 3 What is Universal 2 nd Factor (U2F)?"— Presentation transcript:

1 1

2 U2F Case Study Examining the U2F paradox

3 3 What is Universal 2 nd Factor (U2F)?

4 4 Simple, Secure, Scalable 2FA

5 5 Didn’t We Solve This Already? SMSOTP Devices Coverage Delay Cost Battery Policy One per site Provisioning costs Battery Smart Cards Readers/drivers Middleware Cost

6 6 Bad User experienceStill phishable Users find it hard to useSuccessful attacks carried out today MitM Successful attacks carried out today And...

7 7 Why U2F? Simple – To register and authenticate -- a simple touch! – No drivers or client software to install Secure – Public key cryptography – Protects against phishing and man-in-the-middle Scalable – One U2F device, many services Protects Privacy – No secrets shared between service providers

8 8 1. Enter username/pwd 2. Insert U2F Key 3. Touch device Google Login With U2F

9 9 1. Enter username/pwd 2. Insert U2F Key 3. Touch device Dropbox Login With U2F

10 10 1. Enter username/pwd 2. Insert U2F Key 3. Touch device GitHub Login With U2F

11 11 1. Enter username/pwd 2. Insert U2F Key 3. Touch device Your Login With U2F

12 12 1. Enter username/pwd 2. Insert U2F Key 3. Touch device Your Login With U2F

13 13 1. Enter username/pwd 2. Insert U2F Key 3. Touch device Your Login With U2F

14 14 Protocol Overview

15 Server sends challenge 1 Server receives and verifies device signature using attestation cert 5 Key handle and public key are stored in database 6 Device generates key pair 2 Device creates key handle 3 Device signs challenge + client info 4 Registration Server sends challenge + key handle 1 Server receives and verifies using stored public key 4 Device unwraps/derives private key from key handle 2 Device signs challenge + client info 3 Authentication Individual with U2F Device, Relying Party

16 16 Protocol Design Step-By-Step

17 17 U2F Device Client Relying Party challenge Sign with k priv signature(challenge) s Check signature (s) using k pub s Lookup k pub Authentication

18 18 U2F Device Client Relying Party challenge challenge, origin, channel id Sign with k priv signature(c) c, s Check s using k pub Verify origin & channel id s Lookup k pub Phishing/MitM Protection

19 19 U2F Device Client Relying Party handle, app id, challenge h, a; challenge, origin, channel id, etc. c a Check app id Lookup the k priv associated with h Sign with k priv signature(a,c) c, s Check s using k pub Verify origin & channel id s h Lookup the k pub associate d with h Application-Specific Keys

20 20 U2F Device Client Relying Party handle, app id, challenge h, a; challenge, origin, channel id, etc. c a Check app id Lookup the k priv associated with h Sign with k priv counter++ counter, signature(a,c, counter) counter, c, s Check s using k pub Verify origin, channel id & counter s h Lookup the k pub associate d with h Device Cloning

21 21 U2F Device Client Relying Party app id, challenge a; challenge, origin, channel id, etc. c a Check app id Generate: k pub k priv handle h k pub, h, attestation cert, signature (a,c,k pub,h) c, k pub, h, attestation cert, s Associate k pub with handle h for user s Registration + Device Attestation

22 22 Bad User Experience Still Phishable MitM x xx So How Did We Do?

23 23 Resources Strengthen 2 step verification with Security Key Yubico Security Key Yubico Libraries, Plugins, Sample Code, Documentation FIDO U2F Protocol Specification Yubico Demo Server - Test U2F Yubico Demo Server - Test Yubico OTP Google security blog yubico.com/security-key developers.yubico.com fidoalliance.org/specifications demo.yubico.com/u2f demo.yubico.com

24 24 Questions, Comments Derek Hanson derek@yubico.com @derekhanson @yubico

25

Download ppt "1. U2F Case Study Examining the U2F paradox 3 What is Universal 2 nd Factor (U2F)?"

Similar presentations

Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.

Cloud PIV Authentication and Authorization Demo PIV Card User Workstation Central Security Server In order to use Cloud Authentication and Authorization.
Fast IDentity Online – a new industry alliance formed to develop technical standards that enable Internet Services to use Simpler Stronger Auth solutions.

Fast IDentity Online – a new industry alliance formed to develop technical standards that enable Internet Services to use Simpler Stronger Auth solutions.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
CSC 774 Advanced Network Security

CSC 774 Advanced Network Security
The team - currently 25 people

The team - currently 25 people
Not Built On Sand. IT Has Scaled $$$ Technological capabilities: (1971  2013) Clock speed x4700 #transistors x608k Structure size /450 Price: (1980 

Not Built On Sand. IT Has Scaled $$$ Technological capabilities: (1971  2013) Clock speed x4700 #transistors x608k Structure size /450 Price: (1980 
Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.
Key Provisioning Use Cases and Requirements 67 th IETF KeyProv BOF – San Diego Mingliang Pei 11/09/2006.

Key Provisioning Use Cases and Requirements 67 th IETF KeyProv BOF – San Diego Mingliang Pei 11/09/2006.
Two Factor Authentication (TFA) is a 100% Open Source, free to use security system for your Joomla site’s backend. Two Factor Authentication works in.

Two Factor Authentication (TFA) is a 100% Open Source, free to use security system for your Joomla site’s backend. Two Factor Authentication works in.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.

Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
Class on Security Raghu. Current state of Security Cracks appear all the time Band Aid solutions Applications are not designed properly OS designs are.

Class on Security Raghu. Current state of Security Cracks appear all the time Band Aid solutions Applications are not designed properly OS designs are.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Using Digital Credentials On The World-Wide Web M. Winslett.

Using Digital Credentials On The World-Wide Web M. Winslett.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
Chap 3: Key exchange protocols In most systems, we distinguish the short term keys from the long term ones: –A short term key (session key) is used to.

Chap 3: Key exchange protocols In most systems, we distinguish the short term keys from the long term ones: –A short term key (session key) is used to.

Similar presentations

Ads by Google