This document provides an overview of the FIDO UAF (Universal Authentication Framework) protocol. It describes common password and one-time password issues like phishing, theft, and inconvenience. It then explains how FIDO UAF works by using a cryptographic authenticator device to verify the user and sign authentication responses. The document outlines the registration and authentication flows and describes how metadata is used to understand the authenticator's security characteristics. It also discusses various implementation options for the authenticator including hardware-based devices, software authenticators, and leveraging trusted execution environments.
3. Password might be
entered into untrusted
App / Web-site
(“phishing”)
1
Password could be stolen
from the server
2
Too many passwords to
remember
à re-use / cart
abandonment
3
Inconvenient to
type password on
phone
4
Password Issues
4. OTP vulnerable to real-
time MITM and MITB
attacks
1
SMS security questionable,
especially when Device is the
phone
2
OTP HW tokens are
expensive and people
don’t want another device
3
Inconvenient to type OTP
on phone
4
OTP Issues
8. How does FIDO UAF work?
Can recognize the user (i.e.
user verification), but doesn’t
have an identity proof of
the user.
Same Authenticator
as registered before?Same User as
enrolled before?
9. How does FIDO UAF work?
Same Authenticator
as registered before?Same User as
enrolled before?
Identity binding to be
done outside FIDO:
This this “John Doe
with customer ID X”.
Can recognize the user (i.e.
user verification), but doesn’t
have an identity proof of
the user.
10. How does FIDO UAF work?
Generate key pair in
Authenticator and give
public key to server
Verify user before
signing authentication
response
Provide cryptographic
proof of authenticator
model
Use Metadata to understand
Authenticator model security
characteristic
Define policy of
acceptable
AuthenticatorsUse site-specific
keys in order to
protect privacy
Knows user IDs for
registered web
sites
21. FIDO Building Blocks
FIDO USER DEVICE
FIDO CLIENT
RELYING PARTY
FIDO SERVER
Metadata Service
FIDO AUTHENTICATOR
WEB SERVERBROWSER / APP
Cryptographic
authentication key
reference DB
Authenticator
Metadata &
attestation trust store
Attestation key
Authentication keys
Update
UAF Protocol
TLS Server Key
ASM
22. AAID & Attestation
FIDO Authenticator
FIDO Authenticator
Using HW based crypto
Pure SW based implementation
Based on FP Sensor X
Based on Face Recognition alg. Y
AAID 1
AAID 2
Attestation Key 1
Attestation Key 2
AAID: Authenticator Attestation ID (=model name)
23. Privacy & Attestation
Bob’s FIDO Authenticator
Using HW based crypto
Based on FP Sensor X
FIDO SERVER RP1
FIDO SERVER RP2
Model A
Model A
Model A
Serial #
24. Attestation & Metadata
FIDO SERVERFIDO
AUTHENTICATOR
Metadata
Signed Attestation Object
Verify using trust anchor
included in Metadata
Understand Authenticator
security characteristic
by looking into Metadata
(and potentially other sources)
33. FIDO
Server
Web
App
App
Prepare
UAF Authentication
Pat Johnson
650 Castro Street
Mountain View, CA 94041
United States
Initiate
Authentication
1
FIDO
Authenticator
3
Verify User &
Sign Challenge
(Key specific to RP
Webapp)
Auth.
Response
4
Auth. Request
with Challenge
2
0
SignedData:
• SignatureAlg
• Hash(FinalChallenge)
• Authenticator random
• Signature Counter
• Signature
FinalChallenge=Hash(AppID | FacetID
| tlsData | challenge)
35. FIDO
Server
Browser or
Native App
FIDO
Authenticator Initiate Transaction
Authentication Response
+ Text Hash,
signed by User’s private key
Validate
Response &
Text Hash
using User’s Public Key
Authentication Request +
Transaction Text
2
4
5
Device Relying Party
1
3
Web
App
Display Text, Verify
User & Unlock
Private Key
(specific to User + RP Webapp)
Transaction Confirmation
SignedData:
• SignatureAlg
• Hash(FinalChallenge)
• Authenticator random
• Signature Counter
• Hash(Transaction Text)
• Signature
FinalChallenge=Hash(AppID | FacetID
| tlsData | challenge)
36. The Authenticator Concept
FIDO Authenticator
User
Verification /
Presence
Secure Display
Attestation Key
Authentication Key(s)
User
Injected at
manufacturing,
doesn’t change
Generated at
runtime (on
Registration)
Optional
Components
37. Using Secure Hardware
FIDO Authenticator in SIM Card
User Verification
(PIN)
SIM Card
Attestation Key
Authentication Key(s)
38. Trusted Execution Environment (TEE)
FIDO Authenticator as Trusted Application (TA)
Client Side Biometrics
User Verification / Presence
Attestation Key
Authentication Key(s)
Store at Enrollment
Compare at Authentication
Unlock after comparison
39. Trusted Execution Environment (TEE)
Using Secure Hardware
FIDO Authenticator as Trusted Application (TA)
User
Verification /
Presence
Secure Display
Secure Element
Attestation Key
Authentication Key(s)
e.g. GlobalPlatform
Trusted UI
41. FIDO & Federation
FIDO USER DEVICE
FIDO CLIENT
IdP
FIDO SERVER
FIDO
AUTHENTICATOR
FEDERATION SERVERBROWSER / APP UAF Protocol
Service Provider
Federation
Id DB
Knows details about the
Authentication strength
Knows details about the
Identity and its verification
strength.
First Mile Second Mile
44. FIDO at Industry Event – Readiness
SIM as Secure Element
Fingerprint, TEE, Mobile
Speaker Recognition
Mobile via NFC
PIN + MicroSD
USB
SE Embedded SE
45.
46. OEM Enabled: Lenovo ThinkPads with
Fingerprint Sensors
OEM Enabled: Samsung Galaxy S5 smartphone & Galaxy Tab S
tablets
Clients available for these operating systems:
Software Authenticator Examples:
Speaker/Face recognition, PIN, QR Code, etc.
Aftermarket Hardware Authenticator Examples:
USB fingerprint scanner, MicroSD Secure Element
FIDO READY™ PRODUCTS SHIPPING TODAY
47. The FIDO Alliance and Nok Nok Labs
Standards Products
Industry
Standard
Protocol
“FIDO Ready™”
FIRST FIDO Ready™
Server and Client Software:
NNL S3 Suite
Key Industry
Partnerships
48. Call to Action
• FIDO is ready for use – launch a PoC, Pilot
• Get Involved:
o Develop or adapt your products to FIDO
o Come to the plenary, meet and mingle, speak with the pioneers,
select your partners
o Join the Alliance and contribute – we are a volunteer run
organization
o Contact donal@fidoalliance.org for membership details
o Other questions – rolf@noknok.com
49.
50. Relying
Party
(example.com)
username, policy,
AppID, challenge
username u, ak; hash(fcp)
a
generate:
key kpub
key kpriv
handle h aaid, kpub, fc, h, attestation cert, reg-cntr, cntr,
signature(aaid,fc,reg-cntr,cntr,kpub)
aaid, kpub, fc, h, attestation cert,
reg-cntr, cntr, s store:
key kpub
handle h
s
UAF Registration
ASM + FIDO Client
+ Browser1stF IAuthnr
select Authenticator according to policy;
check AppID, get tlsData (i.e. channel id, etc.);
generate APIKey random, compute access key
ak := hash(AppID|APIKey|PersonaID|CallerID)
fcp := {a, challenge, facetID, tlsData}
fc
Note: This represents using a FIDO First-Factor Internal
Authenticator -- it makes the differences to U2F more
clear.
51. 1stF IAuthnr
ASM + FIDO Client
+ Browser
Relying
Party
h, ak; hash(fcp)
select Authenticator according to policy;
check AppID, get tlsData (i.e. channel id, etc.);
lookup key handle h and access key ak;
fcp := {a, challenge, facetID, tlsData}
check: ak
retrieve:
key kpriv
from h;
cntr++
generate
Authnr
Nonce n
fc, n, cntr, signature(fc,n,cntr)
fcp, n, cntr, s
lookup kpub
from DB
check:
policy +
signature
using
key kpub
s
UAF Authentication
fc
a
policy, AppID, challenge
Note: NO username+Password login required before this
sequence. Click on FIDO Button (or similar trigger) is sufficient.
52. Binding Authenticator to User
Login with legacy credential
User A
Cloud
Service
1
Perform FIDO Register function
Authenticator 1
2
User A
Authenticator 1
Case A: Existing User
53. Binding Authenticator to User
Create new account
User B Cloud
Service
1
Perform FIDO Register function
Authenticator 2
Cloud
Service
2
User B
Authenticator 2
Case B: New User
Opt.: verify
attrs. with
3rd party