Overview of FIDO2 and the YubiKey implementation
What's the difference between U2F and FIDO2?
Agenda
• Self-introduction
• Overview of the FIDO2 Project
• Features of FIDO and the WebAuthn implementation
• Introducing new YubiKey features
埴山 遂 (Haniyama Wataru)
@watahani
Occupation: engineer (3rd year) at Motohonya
Self-introduction
I won't go deep into the protocol in this talk
https://developers.yubico.com/U2F/Protocol_details/Key_generation.html
But I am writing the protocol up in depth!
https://techbookfest.org/event/tbf05/circle/28720014
October 8, Gijutsu Shoten (Techbookfest), booth ke-35, circle: Motohonya
Please buy a copy!
What is the FIDO2 Project?

[Diagram: FIDO2 architecture. RP <-HTTPS-> Client (Web Authentication API) -> Platform (Platform API) -> Internal Authenticator; Platform <-CTAP (e.g. NFC)-> External Authenticator]

The components in the diagram:
Client: the browser, etc.
Platform: the OS
Platform API: the OS's API (on Android, Google Play Services)
Internal Authenticator: a security chip built into the device, etc.
External Authenticator: YubiKey
Web Authentication API: a W3C standard, an extension of the Credential Management API
CTAP: there are two versions, CTAP1 and CTAP2

Today's talk covers this part of the diagram: the browser, CTAP and the external authenticator.
FIDO2-capable keys
Security Key by Yubico, YubiKey 5 Series
Authentication methods possible with a FIDO2-capable key
• Single-factor authentication
  Used in place of conventional password authentication. With a FIDO2-capable key, ID/password-less authentication is also possible.
• Second-factor authentication
  Used as the key for two-step verification, just like U2F.
• Multi-factor: password-less + PIN or biometric
  Multi-factor authentication using only the key plus a PIN or biometrics. ID/password-less authentication is also possible.
Review
FIDO is public-key cryptographic authentication

[Diagram: the server sends a challenge; the user's authenticator signs it with the private key; the server looks up the user's public key (UserID -> PublicKey, e.g. hani -> Efdsddgc..) and verifies the signature]

The key pair is generated for a specific rpId, and the origin is checked against it:
rpId: sgk.co.jp
origin: sgk.co.jp      OK
origin: api.sgk.co.jp  OK
origin: sgk.com        NG
Registering an Authenticator (some parameters omitted)

rpId vs. origin check:
rpId           origin          OK/NG
sgk.co.jp      sgk.co.jp       OK
sgk.co.jp      api.sgk.co.jp   OK
api.sgk.co.jp  sgk.co.jp       NG
co.jp          sgk.co.jp       NG

Key material held by the Authenticator:
credId  rpId         Key Pair
cred1   sgk.co.jp    K1
cred2   example.com  K2

[Diagram: registration flow. RP -> Client: rpId, challenge. Client: builds clientData, checks rpId. Client -> Authenticator: rpId, hash of clientData. Authenticator: checks rpId, generates a key pair (Kpriv, Kpub) for the rpId, assigns a credId, returns credId, Kpub and an Attestation. RP: stores credId and the public key.]

clientData for registration:
{ type: "webauthn.create",
  origin: "example.com",
  challenge: "xxxxxxxxx",
  tokenBinding: { status: … } }
Generating the Attestation

What the RP stores after registration:
user  credId  Public Key
hani  cred1   K1 pub

[Diagram: the Authenticator holds an attestation private key (Apriv) and its certificate (Acert), which chains up to a Root CA. At registration it generates the key pair (K1priv, Kpub) for the rpId, signs (rpId, clientData, credId, Kpub) with Apriv to produce the Attestation Signature, and returns credId, Kpub, the Attestation and Acert.]

clientData for authentication:
{ type: "webauthn.get",
  origin: "example.com",
  challenge: "xxxxxxxxx" }
Verifying the Attestation

[Diagram: the RP receives credId, Kpub, clientData, the Attestation Signature and Acert from the Client (which has checked the rpId), and validates Acert against the Root CA.]

The RP then checks:
Verify( (rpId || clientData || credId || Kpub), Attestation Signature, Acert )
Authentication
Authentication by the Authenticator

rpId vs. origin check:
rpId           origin          OK/NG
sgk.co.jp      sgk.co.jp       OK
sgk.co.jp      api.sgk.co.jp   OK
api.sgk.co.jp  sgk.co.jp       NG
co.jp          sgk.co.jp       NG

[Diagram: authentication flow. RP -> Client: rpId, challenge, credId. Client: builds clientData, checks rpId. Client -> Authenticator: rpId, clientData, credId. Authenticator: checks credId & rpId, restores the rpId and key pair from the credId, signs with Kpriv, returns credId and the signature. RP: verifies the signature and compares the Counter.]

The RP names the credentials it will accept:
allowCredentials: [
  { id: credentialId,
    type: "public-key",
    transports: ["usb", "nfc", "ble"] }
]

Authenticator's table:
credId  rpId         Key Pair
cred1   sgk.co.jp    K1
cred2   example.com  K2

RP's table:
user  credId  Public Key
hani  cred1   K1 pub
Key points
Key points of FIDO authentication
• The private key is stored inside the Authenticator
• A unique credentialId / key pair is freshly generated for each RP
• Client & Authenticator both verify the validity of the RP ID
• The trustworthiness of the key pair is guaranteed by Attestation*
  (*Not verified by default; intended for enterprise use)

Point 1: protecting the private key in the Authenticator
[Diagram: FIDO2 architecture, with the Internal Authenticator labelled "platform" and the External Authenticator labelled "cross-platform"]

The private key is stored inside the Authenticator

[Diagram: the user authenticates locally to the Authenticator; the Authenticator performs public-key authentication with the RP (the RP sends the challenge, the Authenticator returns the signature, the RP looks up UserID -> PublicKey and verifies it)]

The user never needs to be aware of the key pair.
Point 2: generating a key pair per RP
The Authenticator creates a key pair for each RP and manages it by credentialId

[Diagram: RP1 (sgk.co.jp) and RP2 (example.com) each register; the Authenticator returns credId1, K1PUB to RP1 and credId2, K2PUB to RP2]

Inside the Authenticator, the combination of credentialId, rpId and key pair is remembered:
credId  rpId         Key Pair
cred1   sgk.co.jp    K1
cred2   example.com  K2

sgk.co.jp stores:
user  credId  Public Key
hani  cred1   K1 pub

example.com stores:
user  credId  Public Key
hani  cred2   K2 pub
Generating a key pair per RP
At authentication time, the RP sends the challenge, rpId and credentialId

[Diagram: RP1 -> Authenticator: credId1, rpId1, challenge. RP1 holds (hani, cred1, K1 pub); the Authenticator holds (cred1, sgk.co.jp, K1) and (cred2, example.com, K2)]
The Authenticator identifies the rpId and key pair from the credentialId

[Diagram: RP1 -> Authenticator: credId1, rpId1, challenge. The Authenticator looks up credId1 and finds rpId1 and the private key K1priv]
If the rpId check passes, the Authenticator signs the challenge and returns it

[Diagram: RP1 -> Authenticator: credId1, rpId1, challenge. The Authenticator confirms that rpId1 matches the entry stored for credId1 (OK), signs the challenge with K1priv and returns the signature]
Authentication
Whether the rpId is correct is verified by both the Client and the Authenticator

Verifying the RP
rpId           origin          OK/NG
sgk.co.jp      sgk.co.jp       OK
sgk.co.jp      api.sgk.co.jp   OK
api.sgk.co.jp  sgk.co.jp       NG
co.jp          sgk.co.jp       NG

[Diagram: RP -> Client: rpId, challenge, credId. Client: checks rpId against the origin, builds clientData. Client -> Authenticator: rpId, clientData, credId. Authenticator: checks credId & rpId, restores the rpId and key pair from the credId, signs with Kpriv. Authenticator -> Client -> RP: credId, signature, clientData. RP: verifies.]

rpId: sgk.co.jp
origin: sgk.co.jp      OK
origin: api.sgk.co.jp  OK
origin: sgk.com        NG
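The rpId-versus-origin rule from the tables above, as an added example (not code from the slides): a client-side check that reproduces the OK/NG rows and also rejects a look-alike host. PUBLIC_SUFFIXES is a constructed stand-in for the Public Suffix List a browser consults, and the extra "evil-sgk.co.jp" row is constructed.

```python
from typing import List, Optional, Tuple
from urllib.parse import urlparse

# Added example (not from the slides). Assumption: this tiny constructed set
# stands in for the Public Suffix List that a real browser consults.
PUBLIC_SUFFIXES = {"com", "jp", "co.jp"}


def effective_domain(origin: str) -> Optional[str]:
    """Host of an origin such as "https://api.sgk.co.jp" or a bare host.

    WebAuthn only accepts secure contexts: https (or localhost).
    """
    if "://" not in origin:
        origin = "https://" + origin
    parsed = urlparse(origin)
    if parsed.scheme != "https" and parsed.hostname != "localhost":
        return None
    return parsed.hostname.lower() if parsed.hostname else None


def rpid_matches_origin(rp_id: str, origin: str) -> bool:
    """WebAuthn rule: rpId equals the origin's effective domain or is a
    registrable-domain suffix of it (on a label boundary, and not itself a
    public suffix)."""
    host = effective_domain(origin)
    if host is None:
        return False
    rp_id = rp_id.lower()
    if rp_id in PUBLIC_SUFFIXES:          # "co.jp" can never be an rpId
        return False
    # The leading "." is what stops "evil-sgk.co.jp" from matching "sgk.co.jp".
    return host == rp_id or host.endswith("." + rp_id)


def check_table() -> List[Tuple[str, str, bool]]:
    """Re-run the slide's rows plus one constructed look-alike origin."""
    rows = [
        ("sgk.co.jp", "sgk.co.jp"),
        ("sgk.co.jp", "api.sgk.co.jp"),
        ("api.sgk.co.jp", "sgk.co.jp"),
        ("co.jp", "sgk.co.jp"),
        ("sgk.co.jp", "sgk.com"),
        ("sgk.co.jp", "evil-sgk.co.jp"),   # constructed: a substring match would pass this
    ]
    return [(rp_id, origin, rpid_matches_origin(rp_id, origin)) for rp_id, origin in rows]
```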
Generating a key pair per RP
The Authenticator creates a key pair for each RP and manages it by credentialId
credId   rpId         Key Pair
xxxxxx   sgk.co.jp    KeyPair1
yyyyy    example.com  KeyPair2
…        …            …
Inside the Authenticator, the combination of credentialId, rpId and key pair is remembered. So what is the storage limit?

Yubico's implementation: U2F
https://developers.yubico.com/U2F/Protocol_details/Key_generation.html
The Authenticator's table again:
credId   rpId         Key Pair
xxxxxx   sgk.co.jp    KeyPair1
yyyyy    example.com  KeyPair2
…        …            …
Because the key pair can be derived from the credential ID sent by the server, no storage area is needed at all.
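A simplified model of the derivation described above, written for this page (it is not Yubico's code, and the exact HMAC inputs are an assumption; see the linked Yubico page for the real scheme): the credentialId carries a nonce plus a MAC, so the per-RP private key is recomputed on demand and nothing is stored per RP. DEVICE_SECRET is a constructed per-device secret.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

# Added example, not Yubico's code. The only long-term secret is DEVICE_SECRET;
# the per-RP private key is re-derived from it plus the nonce that travels inside
# the credentialId. Assumptions: HMAC-SHA256 for both steps, and the derived
# 32 bytes stand in for the EC private-key scalar (no EC library is used).
DEVICE_SECRET = secrets.token_bytes(32)   # constructed: would be set at manufacture
NONCE_LEN = 32
MAC_LEN = 32


def _hmac(*parts: bytes) -> bytes:
    # The nonce and the key are fixed-length, so plain concatenation is unambiguous.
    return hmac.new(DEVICE_SECRET, b"".join(parts), hashlib.sha256).digest()


def make_credential(rp_id: str) -> Tuple[bytes, bytes]:
    """Registration: fresh nonce -> private key; credentialId = nonce || MAC.
    The MAC binds the nonce to this device and this rpId."""
    nonce = secrets.token_bytes(NONCE_LEN)
    priv = _hmac(rp_id.encode(), nonce)
    mac = _hmac(rp_id.encode(), priv)
    return nonce + mac, priv


def restore_key(rp_id: str, credential_id: bytes) -> Optional[bytes]:
    """Authentication: recompute the key from rpId + credentialId. Returns None
    when the credentialId was not made by this device for this rpId, or was
    tampered with, so a foreign or re-targeted credId never yields a key."""
    if len(credential_id) != NONCE_LEN + MAC_LEN:
        return None
    nonce, mac = credential_id[:NONCE_LEN], credential_id[NONCE_LEN:]
    priv = _hmac(rp_id.encode(), nonce)
    if not hmac.compare_digest(mac, _hmac(rp_id.encode(), priv)):
        return None
    return priv


def demo() -> dict:
    """Same rpId restores the same key; a different rpId or a flipped byte does not."""
    cred_id, priv = make_credential("sgk.co.jp")
    tampered = bytes([cred_id[0] ^ 0x01]) + cred_id[1:]
    return {
        "restored": restore_key("sgk.co.jp", cred_id) == priv,
        "wrong_rp": restore_key("example.com", cred_id) is None,
        "tampered": restore_key("sgk.co.jp", tampered) is None,
    }
```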
What's the difference?
Authentication methods possible with a FIDO2-capable key
• Single-factor authentication
  Used in place of conventional password authentication. With a FIDO2-capable key, ID/password-less authentication is also possible.
• Second-factor authentication
  Used as the key for two-step verification, just like U2F.
• Multi-factor: password-less + PIN or biometric
  Multi-factor authentication using only the key plus a PIN or biometrics. ID/password-less authentication is also possible.
  (Enabled by two FIDO2 features: Resident Key and User Verification)

DEMO

Origin bound / Stored Credentials
Registration with a resident key and user verification

[Diagram: RP -> Client: rpId, challenge, User Info. Client: builds clientData, checks rpId. Client -> Authenticator (over CTAP): rpId, clientData, User Info. Authenticator: prompts for the PIN (******), asks "Store Credential of www.example.com ?", checks rpId, generates a key pair for the rpId, stores rpId, credId and User Info, and returns credId, Public key and Attestation. RP: stores credId and Public key.]

clientData as shown on the slide:
{ type: "webauthn.get",
  origin: "example.com",
  challenge: "xxxxxxxxx",
  tokenBinding: { status: … } }

The RP asks for a resident key with user verification on an external authenticator:
authenticatorSelection: {
  userVerification: "required",
  requireResidentKey: true,
  authenticatorAttachment: "cross-platform"
}

What the Authenticator keeps as a resident credential:
rpId  credId  user Info
rp1   cred1   hani
Authentication with a resident key and PIN

[Diagram: the ordinary flow. RP -> Client: rpId, challenge, credId. Client -> Authenticator: rpId, clientData, credId. Authenticator: signs with Kpriv and returns credId, signature, clientData. RP: checks rpId and verifies.]

PIN support: the Authenticator asks for the PIN (******) before it signs.

With a resident key, the credId in the request becomes optional: the RP sends only rpId and challenge, and the Authenticator looks up credId and User Info for that rpId in its own table:
rpId  credId  user Info
rp1   cred1   hani

[Diagram: RP -> Client -> Authenticator (over CTAP): rpId, challenge. Authenticator: PIN, looks up credId and User Info for the rpId, signs with Kpriv. Authenticator -> Client -> RP: credId, signature, clientData, User Info (the userHandle, i.e. user.id). RP: looks up the user from the userHandle, verifies the signature with the stored Kpub, and logs the user in.]
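The RP side of the resident-key login just described, as an added example that is not from the slides: finish_login re-checks clientData, ties the userHandle to the credential's owner, checks the rpId hash and the counter. verify_sig is a hook for the real ECDSA check; hmac_stand_in, USERS and CREDENTIALS are constructed stand-ins.

```python
import hashlib
import hmac
import json
from typing import Callable, Dict, Optional

# Added example (not from the slides). Assumption: verify_sig is the hook for the
# real ECDSA/COSE verification; the demo plugs in an HMAC stand-in so the flow
# runs without an EC library. Tables are constructed from the slide's values.
RP_ID = "sgk.co.jp"
RP_ORIGIN = "https://" + RP_ID
USERS = {b"hani-id": "hani"}
CREDENTIALS = {b"cred1": {"user_id": b"hani-id", "pub": b"K1pub", "counter": 0}}


def finish_login(resp: Dict, expected_challenge: str,
                 verify_sig: Callable[[bytes, bytes, bytes], bool]) -> Optional[str]:
    """Return the user name to log in, or None when any check fails."""
    cd = json.loads(resp["clientDataJSON"])
    if cd.get("type") != "webauthn.get" or cd.get("origin") != RP_ORIGIN:
        return None
    if cd.get("challenge") != expected_challenge:            # replay or wrong session
        return None
    cred = CREDENTIALS.get(resp["credentialId"])
    if cred is None or resp.get("userHandle") != cred["user_id"]:
        return None                                          # identity came from the key
    auth_data = resp["authenticatorData"]
    if auth_data[:32] != hashlib.sha256(RP_ID.encode()).digest():
        return None                                          # signed for another rpId
    signed = auth_data + hashlib.sha256(resp["clientDataJSON"].encode()).digest()
    if not verify_sig(cred["pub"], signed, resp["signature"]):
        return None
    counter = int.from_bytes(auth_data[33:37], "big")        # signCount follows the flags byte
    if counter <= cred["counter"]:
        return None                                          # possible cloned authenticator
    cred["counter"] = counter
    return USERS[cred["user_id"]]


def demo_response(challenge: str, counter: int) -> Dict:
    """Build a response as the authenticator/client would (constructed values)."""
    client_json = json.dumps({"type": "webauthn.get", "challenge": challenge,
                              "origin": RP_ORIGIN})
    auth_data = hashlib.sha256(RP_ID.encode()).digest() + b"\x05" + counter.to_bytes(4, "big")
    signed = auth_data + hashlib.sha256(client_json.encode()).digest()
    return {"credentialId": b"cred1", "userHandle": b"hani-id", "clientDataJSON": client_json,
            "authenticatorData": auth_data,
            "signature": hmac.new(b"K1pub", signed, hashlib.sha256).digest()}


def hmac_stand_in(pub: bytes, signed: bytes, sig: bytes) -> bool:
    """Stand-in for ECDSA; a real RP verifies sig over signed with the stored public key."""
    return hmac.compare_digest(hmac.new(pub, signed, hashlib.sha256).digest(), sig)
```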
Key derivation inside the YubiKey (diagram):

[Diagram: the Authenticator holds a Device Secret, the attestation key and certificate (Apriv, Acert), a Counter, its AAGUID, Extensions and a Resident Space. Registration: the RNG produces a nonce; an HMAC over (rpId, nonce) keyed with the Device Secret yields K1priv, from which K1pub is derived; the credentialId carries the nonce plus an HMAC that binds it to the device and the rpId. Authentication: the Authenticator takes the nonce out of the credentialId, checks the HMAC, and re-derives K1priv from (rpId, nonce); the signed authenticator data includes the Counter (e.g. 0 0 0 1), AAGUID and Extensions. With a resident key, (user, rpId, credentialId) is kept in the Resident Space.]
Summary
• Single-factor authentication
  Used in place of conventional password authentication. With a FIDO2-capable key, ID/password-less authentication is also possible.
• Second-factor authentication
  Used as the key for two-step verification, just like U2F.
• Multi-factor: password-less + PIN or biometric
  Multi-factor authentication using only the key plus a PIN or biometrics. ID/password-less authentication is also possible.

Thank you

Idcon25: Overview of FIDO2 and the YubiKey implementation

Editor's Notes
  • #52 - Resident Key stores AppID
  • #53 - Resident Key stores AppID