This document provides an overview of the FIDO UAF (Universal Authentication Framework) protocol. It describes common password and one-time password issues like phishing, theft, and inconvenience. It then explains how FIDO UAF works by using a cryptographic authenticator device to verify the user and sign authentication responses. The document outlines the registration and authentication flows and describes how metadata is used to understand the authenticator's security characteristics. It also discusses various implementation options for the authenticator including hardware-based devices, software authenticators, and leveraging trusted execution environments.

1. FIDO UAF Overview

2. Cloud Authentication

3. Password might be
entered into untrusted
App / Web-site
(“phishing”)
1
Password could be stolen
from the server
2
Too many passwords to
remember
à re-use / cart
abandonment
3
Inconvenient to
type password on
phone
4
Password Issues

4. OTP vulnerable to real-
time MITM and MITB
attacks
1
SMS security questionable,
especially when Device is the
phone
2
OTP HW tokens are
expensive and people
don’t want another device
3
Inconvenient to type OTP
on phone
4
OTP Issues

5. Authentication silos
COMPLEXITY, REDUNDANCY, COSTS
App 2
New
App?
RP 1
RP 1
App 1
?
ApplicationsAuthentication Methods

6. How does FIDO UAF work?
Device

7. How does FIDO UAF work?
… …SE

8. How does FIDO UAF work?
Can recognize the user (i.e.
user verification), but doesn’t
have an identity proof of
the user.
Same Authenticator
as registered before?Same User as
enrolled before?

9. How does FIDO UAF work?
Same Authenticator
as registered before?Same User as
enrolled before?
Identity binding to be
done outside FIDO:
This this “John Doe
with customer ID X”.
Can recognize the user (i.e.
user verification), but doesn’t
have an identity proof of
the user.

10. How does FIDO UAF work?
Generate key pair in
Authenticator and give
public key to server
Verify user before
signing authentication
response
Provide cryptographic
proof of authenticator
model
Use Metadata to understand
Authenticator model security
characteristic
Define policy of
acceptable
AuthenticatorsUse site-specific
keys in order to
protect privacy
Knows user IDs for
registered web
sites

11. FIDO
Server
AppFIDO
Authenticator
Device Relying Party
Web
App
UAF Registration
Prepare0

12. FIDO
Authenticator
FIDO
Server
Web
App
App
Prepare0
UAF Registration

13. FIDO
Authenticator
FIDO
Server
Web
App
App
Prepare
UAF Registration
0

14. FIDO
Authenticator
FIDO
Server
Web
App
App
Legacy Auth +
Initiate Reg.
1
Prepare
UAF Registration
0

15. FIDO
Authenticator
FIDO
Server
Web
App
App
1
Prepare
UAF Registration
0
Legacy Auth +
Initiate Reg.

16. FIDO
Authenticator
FIDO
Server
Web
App
App
1
Prepare
2
UAF Registration
0
Legacy Auth +
Initiate Reg.
Reg. Request
+ Policy

17. FIDO
Authenticator
FIDO
Server
Web
App
App
1
pat@example.com
Pat Johnson
Link your fingerprint
Prepare
2
UAF Registration
0
Legacy Auth +
Initiate Reg.
Reg. Request
+ Policy

18. FIDO
Authenticator
FIDO
Server
Web
App
App
1
pat@example.com
Pat Johnson
Link your fingerprint
Prepare
2
3
Verify User &
Generate New
Key Pair
(specific to RP Webapp)
UAF Registration
0
Legacy Auth +
Initiate Reg.
Reg. Request
+ Policy

19. FIDO
Authenticator
FIDO
Server
Web
App
App
1
pat@example.com
Pat Johnson
Link your fingerprint
Prepare
Reg. Request
+ Policy
2
3
Verify User &
Generate New
Key Pair
(specific to RP Webapp)
Reg.
Response
4
UAF Registration
0
Legacy Auth +
Initiate Reg.
Key Registration Data:
• Hash(FinalChallenge)
• AAID
• Public key
• KeyID
• Registration Counter
• Signature Counter
• Signature (attestation key)
FinalChallenge=Hash(AppID | FacetID
| tlsData | challenge)

20. FIDO
Authenticator
FIDO
Server
Web
App
App
1
pat@example.com
Pat Johnson
Prepare
2
3
Verify User &
Generate New
Key Pair
(specific to RP Webapp)
Reg.
Response
4
Success
5
UAF Registration
0
Legacy Auth +
Initiate Reg.
Reg. Request
+ Policy

21. FIDO Building Blocks
FIDO USER DEVICE
FIDO CLIENT
RELYING PARTY
FIDO SERVER
Metadata Service
FIDO AUTHENTICATOR
WEB SERVERBROWSER / APP
Cryptographic
authentication key
reference DB
Authenticator
Metadata &
attestation trust store
Attestation key
Authentication keys
Update
UAF Protocol
TLS Server Key
ASM

22. AAID & Attestation
FIDO Authenticator
FIDO Authenticator
Using HW based crypto
Pure SW based implementation
Based on FP Sensor X
Based on Face Recognition alg. Y
AAID 1
AAID 2
Attestation Key 1
Attestation Key 2
AAID: Authenticator Attestation ID (=model name)

23. Privacy & Attestation
Bob’s FIDO Authenticator
Using HW based crypto
Based on FP Sensor X
FIDO SERVER RP1
FIDO SERVER RP2
Model A
Model A
Model A
Serial #

24. Attestation & Metadata
FIDO SERVERFIDO
AUTHENTICATOR
Metadata
Signed Attestation Object
Verify using trust anchor
included in Metadata
Understand Authenticator
security characteristic
by looking into Metadata
(and potentially other sources)

25. Authenticator Meta-Data
See fido-uaf-authnr-metadata

26. FIDO
Authenticator
FIDO
Server
Web
App
App
Prepare0
UAF Authentication

27. FIDO
Authenticator
FIDO
Server
Web
App
App
Prepare
UAF Authentication
0

28. FIDO
Authenticator
FIDO
Server
Web
App
App
Prepare
UAF Authentication
0

29. FIDO
Authenticator
FIDO
Server
Web
App
App
Prepare
UAF Authentication
0

30. FIDO
Authenticator
FIDO
Server
Web
App
App
Prepare
UAF Authentication
Initiate
Authentication
1
0

31. FIDO
Authenticator
FIDO
Server
Web
App
App
Prepare
UAF Authentication
Initiate
Authentication
1
Auth. Request
with Challenge
2
0

32. FIDO
Server
Web
App
App
Prepare
UAF Authentication
pat@example.com
Pat Johnson
Initiate
Authentication
1
3
Verify User &
Sign Challenge
(Key specific to RP
Webapp)
FIDO
Authenticator
Auth. Request
with Challenge
2
0

33. FIDO
Server
Web
App
App
Prepare
UAF Authentication
Pat Johnson
650 Castro Street
Mountain View, CA 94041
United States
Initiate
Authentication
1
FIDO
Authenticator
3
Verify User &
Sign Challenge
(Key specific to RP
Webapp)
Auth.
Response
4
Auth. Request
with Challenge
2
0
SignedData:
• SignatureAlg
• Hash(FinalChallenge)
• Authenticator random
• Signature Counter
• Signature
FinalChallenge=Hash(AppID | FacetID
| tlsData | challenge)

34. FIDO
Server
Web
App
App
Prepare
UAF Authentication
pat@example.com
Pat Johnson
Payment complete!
Return to the merchant’s web
site to continue shopping
Return to the merchant
Initiate
Authentication
1
FIDO
Authenticator
3
Verify User &
Sign Challenge
(Key specific to RP
Webapp)
Auth. Request
with Challenge
2
Auth.
Response
4
Success
5
0

35. FIDO
Server
Browser or
Native App
FIDO
Authenticator Initiate Transaction
Authentication Response
+ Text Hash,
signed by User’s private key
Validate
Response &
Text Hash
using User’s Public Key
Authentication Request +
Transaction Text
2
4
5
Device Relying Party
1
3
Web
App
Display Text, Verify
User & Unlock
Private Key
(specific to User + RP Webapp)
Transaction Confirmation
SignedData:
• SignatureAlg
• Hash(FinalChallenge)
• Authenticator random
• Signature Counter
• Hash(Transaction Text)
• Signature
FinalChallenge=Hash(AppID | FacetID
| tlsData | challenge)

36. The Authenticator Concept
FIDO Authenticator
User
Verification /
Presence
Secure Display
Attestation Key
Authentication Key(s)
User
Injected at
manufacturing,
doesn’t change
Generated at
runtime (on
Registration)
Optional
Components

37. Using Secure Hardware
FIDO Authenticator in SIM Card
User Verification
(PIN)
SIM Card
Attestation Key
Authentication Key(s)

38. Trusted Execution Environment (TEE)
FIDO Authenticator as Trusted Application (TA)
Client Side Biometrics
User Verification / Presence
Attestation Key
Authentication Key(s)
Store at Enrollment
Compare at Authentication
Unlock after comparison

39. Trusted Execution Environment (TEE)
Using Secure Hardware
FIDO Authenticator as Trusted Application (TA)
User
Verification /
Presence
Secure Display
Secure Element
Attestation Key
Authentication Key(s)
e.g. GlobalPlatform
Trusted UI

40. Leveraging hardware security
User Space
Secure
Hardware
ASM
UX Layer
Input, Display
Crypto Layer
ASM
UX Layer
Input, Display
Crypto Layer
ASM
Crypto Layer
UX Layer
Input, Display
No Secure HW Secure Crypto
+
Storage
Secure
Execution
Environment
and/or Secure
Elements

41. FIDO & Federation
FIDO USER DEVICE
FIDO CLIENT
IdP
FIDO SERVER
FIDO
AUTHENTICATOR
FEDERATION SERVERBROWSER / APP UAF Protocol
Service Provider
Federation
Id DB
Knows details about the
Authentication strength
Knows details about the
Identity and its verification
strength.
First Mile Second Mile

42. How FIDO Addresses Threat Classes

43. UAF Specifications

44. FIDO at Industry Event – Readiness
SIM as Secure Element
Fingerprint, TEE, Mobile
Speaker Recognition
Mobile via NFC
PIN + MicroSD
USB
SE Embedded SE

46. OEM Enabled: Lenovo ThinkPads with
Fingerprint Sensors
OEM Enabled: Samsung Galaxy S5 smartphone & Galaxy Tab S
tablets
Clients available for these operating systems:
Software Authenticator Examples:
Speaker/Face recognition, PIN, QR Code, etc.
Aftermarket Hardware Authenticator Examples:
USB fingerprint scanner, MicroSD Secure Element
FIDO READY™ PRODUCTS SHIPPING TODAY

47. The FIDO Alliance and Nok Nok Labs
Standards Products
Industry
Standard
Protocol
“FIDO Ready™”
FIRST FIDO Ready™
Server and Client Software:
NNL S3 Suite
Key Industry
Partnerships

48. Call to Action
• FIDO is ready for use – launch a PoC, Pilot
• Get Involved:
o Develop or adapt your products to FIDO
o Come to the plenary, meet and mingle, speak with the pioneers,
select your partners
o Join the Alliance and contribute – we are a volunteer run
organization
o Contact donal@fidoalliance.org for membership details
o Other questions – rolf@noknok.com

50. Relying
Party
(example.com)
username, policy,
AppID, challenge
username u, ak; hash(fcp)
a
generate:
key kpub
key kpriv
handle h aaid, kpub, fc, h, attestation cert, reg-cntr, cntr,
signature(aaid,fc,reg-cntr,cntr,kpub)
aaid, kpub, fc, h, attestation cert,
reg-cntr, cntr, s store:
key kpub
handle h
s
UAF Registration
ASM + FIDO Client
+ Browser1stF IAuthnr
select Authenticator according to policy;
check AppID, get tlsData (i.e. channel id, etc.);
generate APIKey random, compute access key
ak := hash(AppID|APIKey|PersonaID|CallerID)
fcp := {a, challenge, facetID, tlsData}
fc
Note: This represents using a FIDO First-Factor Internal
Authenticator -- it makes the differences to U2F more
clear.

51. 1stF IAuthnr
ASM + FIDO Client
+ Browser
Relying
Party
h, ak; hash(fcp)
select Authenticator according to policy;
check AppID, get tlsData (i.e. channel id, etc.);
lookup key handle h and access key ak;
fcp := {a, challenge, facetID, tlsData}
check: ak
retrieve:
key kpriv
from h;
cntr++
generate
Authnr
Nonce n
fc, n, cntr, signature(fc,n,cntr)
fcp, n, cntr, s
lookup kpub
from DB
check:
policy +
signature
using
key kpub
s
UAF Authentication
fc
a
policy, AppID, challenge
Note: NO username+Password login required before this
sequence. Click on FIDO Button (or similar trigger) is sufficient.

52. Binding Authenticator to User
Login with legacy credential
User A
Cloud
Service
1
Perform FIDO Register function
Authenticator 1
2
User A
Authenticator 1
Case A: Existing User

53. Binding Authenticator to User
Create new account
User B Cloud
Service
1
Perform FIDO Register function
Authenticator 2
Cloud
Service
2
User B
Authenticator 2
Case B: New User
Opt.: verify
attrs. with
3rd party

54. www.fidoalliance.org/specifications/download

55. Thank you