20. Attestation Statement fido-u2f
Attestation Certificate
Credential ID
ECDSAP256
App ID
App ID Challenge
0 0 0 0
Challenge
Client Data
Response
Attestation Secret
Application Public Key
21. Attestation Statement fido-u2f
Credential ID
ECDSAP256
Application Public Key
Credential ID
App ID
Challenge
App ID Challenge
Client Data
0 0 0 0
Response
Application Public Key
Attestation Certificate
Attestation Secret
22. Attestation Statement fido-u2f
Signing by Device Secret
Attestation Certificate
Credential ID
Attestation Signature
Application Private Key Application Public Key
ECDSAP256
Application Public Key
Credential ID
App ID
Challenge
App ID Challenge
Client Data
https://www.w3.org/TR/webauthn/#fido-u2f-attestation
0 0 0 0Attestation Secret
23. Attestation Statement fido-u2f
Signing by Device Secret
Attestation Certificate
Credential ID
Attestation Signature
Application Private Key Application Public Key
ECDSAP256
Application Public Key
Credential ID
App ID
Challenge
App ID Challenge
Client Data
https://www.w3.org/TR/webauthn/#fido-u2f-attestation
0 0 0 0
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 305582463 (0x1236d17f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN = Yubico U2F Root CA Serial 457200631
Validity
Not Before: Aug 1 00:00:00 2014 GMT
Not After : Sep 4 00:00:00 2050 GMT
Subject: CN = Yubico U2F EE Serial 23925734103241087
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:d3:65:a9:1e:5e:99:e0:d5:b4:39:c0:d9:af:bb:
87:f4:05:8e:47:dd:12:b1:44:ed:b1:4d:2b:33:f8:
d3:5c:15:13:e4:0d:79:f0:f9:99:ab:e2:36:71:95:
93:81:c9:dc:2b:07:85:8b:82:ac:63:47:62:04:cc:
f7:34:d6:ae:21
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
1.3.6.1.4.1.41482.2:
1.3.6.1.4.1.41482.1.5
1.3.6.1.4.1.45724.2.1.1:
...
Signature Algorithm: sha256WithRSAEncryption
22:1b:9b:b3:b2:72:24:f1:3e:be:a3:22:…
SHA1 Fingerprint=5C:5C:14:02:D0:9B:7D:3D:FE:C3:79:3F:C9:E6:33:49:57:81:46:C0
Attestation Secret
Signed by Yubico Root CA
24. Attestation Statement fido-u2f
Signing by Device Secret
Attestation Certificate
Credential ID
Attestation Signature
ECDSAP256
Application Public Key
Credential ID
App ID
Challenge
App ID Challenge
Client Data
0 0 0 0
Attestation Certificate
Response
Attestation Secret
Application Public Key
25. Attestation Statement fido-u2f
Signing by Device Secret
Attestation Certificate
Credential ID
ECDSAP256
Application Public Key
Credential ID
App ID
Challenge
App ID Challenge
Client Data
0 0 0 0
Response
Attestation Secret
Application Public Key
Attestation Signature Attestation Certificate
45. Attestation Secret
Device SecretExtensions
Resident Space Space
Support CTAP2 Extensions
(hmac-secret)
Attestation CertificateAAGUID 0 0 0 0
******
PIN Support
https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html#sctn-hmac-secret-extension
46. Resident Key (FIDO2 Spec)
Attestation Certificate
Credential IDApp ID
User Info
Handle
AAGUID 0 0 0 0
Resident Space Space
Extensions Device Secret
Attestation Secret
47. rpId, challengerpId, clientData
CredID, Public key CredID, Public key
AttestationAttestation
Registration
clientData
Check rpId
Generate Key-pair
for rpId
RP
Hash of ClientData
{ type: “webauthn.create”
origin: “example.com”,
challenge: “xxxxxxxxx”,
tokenBinding: { status: …} }
48. rpId, challengerpId, clientData
CredID, Public key CredID, Public key
AttestationAttestation
Registration
clientData
Check rpId
Generate Key-pair
for rpId
User Info,User Info RP
49. rpId, challengerpId, clientData
CredID, Public key CredID, Public key
authenticatorSelection: {
userVerification: “required“,
requireResidentKey: true,
authenticatorAttachment: “cross-platform”
}
AttestationAttestation
Registration
clientData
Check rpId
Generate Key-pair
for rpId
User Info,User Info
CTAP
RP
50. rpId, challengerpId, clientData
CredID, Public key CredID, Public key
authenticatorSelection: {
userVerification: “required“,
requireResidentKey: true,
authenticatorAttachment: “cross-platform”
}
AttestationAttestation
Registration
clientData
Check rpId
Generate Key-pair
for rpId
User Info,User Info
CTAP
RP
51. rpId, challengerpId, clientData
CredID, Public key CredID, Public key
authenticatorSelection: {
userVerification: “required“,
requireResidentKey: true,
authenticatorAttachment: “cross-platform”
}
AttestationAttestation
Registration
clientData
Check rpId
Generate Key-pair
for rpId
User Info,User Info
******
PIN
CTAP
RP
52. rpId, challengerpId, clientData
CredID, Public key CredID, Public key
authenticatorSelection: {
userVerification: “required“,
requireResidentKey: true,
authenticatorAttachment: “cross-platform”
}
AttestationAttestation
Registration
clientData
Check rpId
Generate Key-pair
for rpId
User Info,User Info
rpId
User Info
CredID
******
PIN
CTAP ******
PIN
Store Credential of
www.example.com ?
RP
53. rpId, challengerpId, clientData
CredID, Public key CredID, Public key
authenticatorSelection: {
userVerification: “required“,
requireResidentKey: true,
authenticatorAttachment: “cross-platform”
}
AttestationAttestation
Registration
clientData
Check rpId
Generate Key-pair
for rpId
User Info,User Info
rpId
User Info
CredID
******
PIN
CTAP ******
PIN
Store Credential of
www.example.com ?
RP
54. Registration with Resident Key
Attestation Certificate
App ID Challenge
AAGUID 0 0 0 0
Resident Space Space
Extensions Device Secret
Attestation Secret
User Info WebAuthn spec!
55. Registration with Resident Key
Attestation Certificate
App ID Challenge
AAGUID 0 0 0 0
Resident Space Space
Extensions Device Secret
Attestation Secret
User Info
App ID
Challenge
RNG
Nonce
56. Registration with Resident Key
Attestation Certificate
App ID Challenge
AAGUID 0 0 0 0
Resident Space Space
Extensions Device Secret
Attestation Secret
User Info
Credential ID
Application Public Key
App ID
Challenge
RNG
Nonce
57. Registration with Resident Key
Attestation Certificate
App ID Challenge
AAGUID 0 0 0 0
Resident Space Space
Extensions Device Secret
Attestation Secret
User Info
Credential ID
Application Public Key
Credential ID
App ID User Info
58. Registration with Resident Key
Attestation Certificate
App ID Challenge
AAGUID 0 0 0 0
Resident Space Space
Extensions Device Secret
Attestation Secret
User Info
Credential ID
App ID User Info
必須なのは User Handle のみ
59. Registration with Resident Key
Attestation Certificate
App ID Challenge
AAGUID 0 0 0 0
Resident Space Space
Extensions Device Secret
Attestation Secret
User Info
Credential ID
App ID User Info
必須なのは User Handle のみ
66. rpId, challengerpId, clientData
CredID, sign CredID, clientData
Authentication
CredID
sign
Kpriv
User Info
CredID
******
PIN
User Info
User Info
login
rpId
RP
ユーザ情報が複数ある場合
はリスト表示される
67. rpId, challengerpId, clientData
CredID, sign CredID, clientData
Authentication
CredID
sign
Kpriv
User Info
CredID
******
PIN
user.id
userHandleUser Info
User Info
login
rpId
RP
68. rpId, challengerpId, clientData
CredID, sign CredID, clientData
Authentication
CredID
sign
Kpriv
User Info
CredID
******
PIN
user.id
userHandleUser Info
User Info
login
rpId
RP
userHandle
Kpub
69. Authentication
Attestation Certificate
App ID Challenge
AAGUID 0 0 0 0Extensions Device Secret
Attestation Secret
RP doesn’t send Credential ID
when id-less authentication
Credential ID
Resident Space Space
Credential ID
App ID User Info
70. Authentication
Attestation Certificate
App ID
AAGUID 0 0 0 0Extensions Device Secret
Attestation Secret
Authenticator list credentials for specific
AppID after User Info Verification(or
User Info Presence)
Challenge
Resident Space Space
Credential ID
App ID User Info
******
74. Authenticate
Attestation Certificate
App ID Challenge
AAGUID 0 0 0 0Extensions Device Secret
Attestation Secret
Credential ID Application Private Key
Resident Space Space
Credential ID
App ID User Info
75. Authenticate
Attestation Certificate
App ID Challenge
AAGUID 0 0 0 0Extensions Device Secret
Attestation Secret
Credential ID Application Private Key
Resident Space Space
Credential ID
App ID User Info
76. FIDO2
• Single factor Authentication
Credential Management API Support PublicKey Crypto
• 2nd Factor Authentication
WebAuthn Support both CTAP1 and CTAP2
• Multi-Factor: Passwordless + PIN or Biometric
CTAP2 Support User Info Verification
RP provide AppID and challenge (appID has been verified by client)
YubiKey Generate Random Nonce and calculate HMAC from AppID and Nonce using Device Secret.
Generated HMAC is Application Private Key
Generate public key from private key (ECDSA P-256)
RP provide AppID and challenge (appID has been verified by client)
YubiKey Generate Random Nonce and calculate HMAC from AppID and Nonce using Device Secret.
Generated HMAC is Application Private Key
Generate public key from private key (ECDSA P-256)
RP provide AppID and challenge (appID has been verified by client)
YubiKey Generate Random Nonce and calculate HMAC from AppID and Nonce using Device Secret.
Generated HMAC is Application Private Key
Generate public key from private key (ECDSA P-256)
Calculate HMAC from Application Private Key and Nonce
Concat HMAC and Nonce. It is Credential ID
Calculate HMAC from Application Private Key and Nonce
Concat HMAC and Nonce. It is Credential ID
Calculate HMAC from Application Private Key and Nonce
Concat HMAC and Nonce. It is Credential ID
Calculate HMAC from Application Private Key and Nonce
Concat HMAC and Nonce. It is Credential ID
Credential ID is called “KeyHandle” in U2F protocol
Attestation Statement
FIDO U2F statement is defined in W3C WebAuthentication API
FIDO U2F statement include signature and certificate
YubiKey sign to App ID, Challenge(ClientData), Credential ID, Application public Key with Device Secret
Attestation Certificate (Attestation Certificate) is pair of Device secret.
Attestation Certificate is signed by Yubico Root CA.
Attestation Statement
FIDO U2F statement is defined in W3C WebAuthentication API
FIDO U2F statement include signature and certificate
YubiKey sign to App ID, Challenge(ClientData), Credential ID, Application public Key with Device Secret
Attestation Certificate (Attestation Certificate) is pair of Device secret.
Attestation Certificate is signed by Yubico Root CA.
Attestation Statement
FIDO U2F statement is defined in W3C WebAuthentication API
FIDO U2F statement include signature and certificate
YubiKey sign to App ID, Challenge(ClientData), Credential ID, Application public Key with Device Secret
Attestation Certificate (Attestation Certificate) is pair of Device secret.
Attestation Certificate is signed by Yubico Root CA.
Attestation Statement
FIDO U2F statement is defined in W3C WebAuthentication API
FIDO U2F statement include signature and certificate
YubiKey sign to App ID, Challenge(ClientData), Credential ID, Application public Key with Device Secret
Attestation Certificate (Attestation Certificate) is pair of Device secret.
Attestation Certificate is signed by Yubico Root CA.
Attestation Statement
FIDO U2F statement is defined in W3C WebAuthentication API
FIDO U2F statement include signature and certificate
YubiKey sign to App ID, Challenge(ClientData), Credential ID, Application public Key with Device Secret
Attestation Certificate (Attestation Certificate) is pair of Device secret.
Attestation Certificate is signed by Yubico Root CA.
Attestation Statement
FIDO U2F statement is defined in W3C WebAuthentication API
FIDO U2F statement include signature and certificate
YubiKey sign to App ID, Challenge(ClientData), Credential ID, Application public Key with Device Secret
Attestation Certificate (Attestation Certificate) is pair of Device secret.
Attestation Certificate is signed by Yubico Root CA.
Authentication
Credential ID include Nonce and HMAC
Calculate HMAC from AppID and Nonce using Device Secret. It is Application Private Key
Authentication
Credential ID include Nonce and HMAC
Calculate HMAC from AppID and Nonce using Device Secret. It is Application Private Key
Authentication
Credential ID include Nonce and HMAC
Calculate HMAC from AppID and Nonce using Device Secret. It is Application Private Key
Verify Private Key is generated on this device
Calculate HMAC form Application Private Key and Nonce.
If generated HMAC equals to HMAC from RP, It has been verified the private key was generated on this device.
Verify Private Key is generated on this device
Calculate HMAC form Application Private Key and Nonce.
If generated HMAC equals to HMAC from RP, It has been verified the private key was generated on this device.
Verify Private Key is generated on this device
Calculate HMAC form Application Private Key and Nonce.
If generated HMAC equals to HMAC from RP, It has been verified the private key was generated on this device.
And AppID is correct!
Calculate a
U2F support only UP flag.
UP: User Info Presence
I don’t know about it...
- Resident Key store AppID
- Resident Key store AppID
- Resident Key store AppID
- Resident Key store AppID
- Resident Key store AppID
- Resident Key store AppID
- Resident Key store AppID
- Authenticate
- Authenticate
DEMO
https://youtu.be/XjfR9cVmqJE
Application Private Key can be re-generate from credential ID.
Authenticator return signature and “User Info Handle” which identifier the RP’s User Info.
Application Private Key can be re-generate from credential ID.
Authenticator return signature and “User Info Handle” which identifier the RP’s User Info.