Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

U2F/FIDO2 implementation of YubiKey

916 vues

Publié le

発表する場所が無かったので供養…

個人の調査に基づいたものであり、Yubicoの見解ではありません。

Publié dans : Logiciels
  • Soyez le premier à commenter

  • Soyez le premier à aimer ceci

U2F/FIDO2 implementation of YubiKey

  1. 1. YubiKey の U2F, FIDO2 実装のナカミ U2F/FIDO2 implementation of YubiKey
  2. 2. Wataru Haniyama @watahani 3 years ago… I worked at book store
  3. 3. マニアックな 話します https://developers.yubico.com/U2F/Protocol_details/Key_generation.html
  4. 4. Implementation of U2F Host Library It’s interesting looking FIDO2 overall from U2F (^^)/
  5. 5. TODAY I talk about U2F
  6. 6. TODAY I talk about U2F and FIDO2
  7. 7. using publicKey
  8. 8. CTAP1 Security Points Check App ID in Authenticator, Client, Server Make Private Key for Each Applications
  9. 9. Yubico’s Implementation U2F https://developers.yubico.com/U2F/Protocol_details/Key_generation.html
  10. 10. rpId, challengerpId, clientData CredID, Public key CredID, Public key AttestationAttestation Registration clientData Check rpId Generate Key-pair for rpId RP Hash of ClientData { type: “webauthn.create” origin: “example.com”, challenge: “xxxxxxxxx”, tokenBinding: { status: …} }
  11. 11. Registration Generate Random Nonce RNG Device Secret App ID Challenge HMAC 0 0 0 0 https://developers.yubico.com/U2F/Protocol_details/Key_generation.html Response Attestation Certificate Attestation Secret
  12. 12. Registration Generate Random Nonce RNG Nonce App ID App ID Challenge Generate Application Private Key HMAC 0 0 0 0 https://developers.yubico.com/U2F/Protocol_details/Key_generation.html Response Device Secret
  13. 13. Registration Generate Random Nonce RNG Nonce Application Private Key Application Public Key App ID App ID Challenge Generate Application Private Key HMAC 0 0 0 0 https://developers.yubico.com/U2F/Protocol_details/Key_generation.html ECDSA P-256 Response Device Secret
  14. 14. Yubico’s Implementation U2F Generate Credential ID Application Private Key Application Public Key Nonce App ID Challenge HMAC 0 0 0 0 Response Device Secret
  15. 15. Yubico’s Implementation U2F Generate Credential ID HASH MAC Application Private Key Nonce App ID Challenge HMAC 0 0 0 0 Response Device Secret Application Public Key
  16. 16. Yubico’s Implementation U2F Generate Credential ID HASH MAC Application Private Key Nonce App ID Challenge HMAC 0 0 0 0 Nonce Response Device Secret Application Public Key
  17. 17. Yubico’s Implementation U2F Generate Credential ID HASH MAC Application Private Key Credential ID Nonce App ID Challenge HMAC 0 0 0 0 Nonce Response Device Secret Application Public Key
  18. 18. Yubico’s Implementation U2F Generate Credential ID HASH MAC Application Private Key Credential ID Nonce App ID Challenge HMAC 0 0 0 0 Nonce Response Device Secret Application Public Key U2F protocol KeyHandle
  19. 19. Attestation Statement fido-u2f Attestation Certificate Credential ID ECDSAP256 App ID Challenge 0 0 0 0 Response Attestation Secret Application Public Key
  20. 20. Attestation Statement fido-u2f Attestation Certificate Credential ID ECDSAP256 App ID App ID Challenge 0 0 0 0 Challenge Client Data Response Attestation Secret Application Public Key
  21. 21. Attestation Statement fido-u2f Credential ID ECDSAP256 Application Public Key Credential ID App ID Challenge App ID Challenge Client Data 0 0 0 0 Response Application Public Key Attestation Certificate Attestation Secret
  22. 22. Attestation Statement fido-u2f Signing by Device Secret Attestation Certificate Credential ID Attestation Signature Application Private Key Application Public Key ECDSAP256 Application Public Key Credential ID App ID Challenge App ID Challenge Client Data https://www.w3.org/TR/webauthn/#fido-u2f-attestation 0 0 0 0Attestation Secret
  23. 23. Attestation Statement fido-u2f Signing by Device Secret Attestation Certificate Credential ID Attestation Signature Application Private Key Application Public Key ECDSAP256 Application Public Key Credential ID App ID Challenge App ID Challenge Client Data https://www.w3.org/TR/webauthn/#fido-u2f-attestation 0 0 0 0 Certificate: Data: Version: 3 (0x2) Serial Number: 305582463 (0x1236d17f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN = Yubico U2F Root CA Serial 457200631 Validity Not Before: Aug 1 00:00:00 2014 GMT Not After : Sep 4 00:00:00 2050 GMT Subject: CN = Yubico U2F EE Serial 23925734103241087 Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) pub: 04:d3:65:a9:1e:5e:99:e0:d5:b4:39:c0:d9:af:bb: 87:f4:05:8e:47:dd:12:b1:44:ed:b1:4d:2b:33:f8: d3:5c:15:13:e4:0d:79:f0:f9:99:ab:e2:36:71:95: 93:81:c9:dc:2b:07:85:8b:82:ac:63:47:62:04:cc: f7:34:d6:ae:21 ASN1 OID: prime256v1 NIST CURVE: P-256 X509v3 extensions: 1.3.6.1.4.1.41482.2: 1.3.6.1.4.1.41482.1.5 1.3.6.1.4.1.45724.2.1.1: ... Signature Algorithm: sha256WithRSAEncryption 22:1b:9b:b3:b2:72:24:f1:3e:be:a3:22:… SHA1 Fingerprint=5C:5C:14:02:D0:9B:7D:3D:FE:C3:79:3F:C9:E6:33:49:57:81:46:C0 Attestation Secret Signed by Yubico Root CA
  24. 24. Attestation Statement fido-u2f Signing by Device Secret Attestation Certificate Credential ID Attestation Signature ECDSAP256 Application Public Key Credential ID App ID Challenge App ID Challenge Client Data 0 0 0 0 Attestation Certificate Response Attestation Secret Application Public Key
  25. 25. Attestation Statement fido-u2f Signing by Device Secret Attestation Certificate Credential ID ECDSAP256 Application Public Key Credential ID App ID Challenge App ID Challenge Client Data 0 0 0 0 Response Attestation Secret Application Public Key Attestation Signature Attestation Certificate
  26. 26. rpId, challenge, CredIDrpId, clientData CredID, sign CredID, clientData Authentication CredID CredID sign Kpriv RP Hash of ClientData { type: “webauthn.get” origin: “example.com”, challenge: “xxxxxxxxx”, tokenBinding: { status: …} }
  27. 27. Authentication re-generate private key Generate Private Key from Credential ID Credential ID Attestation Certificate App ID Challenge Credential ID HASH MACNonce App ID HMAC 0 0 0 0Device Secret Attestation Secret
  28. 28. Authentication re-generate private key Generate Private Key from Credential ID Credential ID Attestation Certificate App ID Challenge Credential ID HASH MACNonce Nonce App ID HMAC 0 0 0 0Device Secret Attestation Secret
  29. 29. Authentication re-generate private key Generate Private Key from Credential ID Credential ID Attestation Certificate App ID Challenge Credential ID HASH MACNonce Nonce App ID Application Private Key HMAC 0 0 0 0Device Secret Attestation Secret
  30. 30. Authentication verify private key Credential ID Attestation Certificate App ID Challenge Credential ID Nonce Application Private Key HMAC HASH MACNonce 0 0 0 0 Application Private Key Device Secret Attestation Secret
  31. 31. Authentication verify private key Credential ID Attestation Certificate App ID Challenge Credential ID Nonce Application Private Key HASH MAC HMAC HASH MACNonce 0 0 0 0Device Secret Attestation Secret
  32. 32. Authentication verify private key Check HMAC Credential ID Attestation Certificate App ID Challenge Credential ID Nonce Application Private Key HASH MAC HMAC HASH MACNonce 0 0 0 0Device Secret Attestation Secret
  33. 33. Authentication signature Attestation Certificate App ID Challenge Credential ID Application Private Key ECDSA App ID Challenge 0 0 0 1 Attestation Secret
  34. 34. Authentication signature Attestation Certificate App ID Challenge Credential ID Application Private Key ECDSA App ID Challenge 0 0 0 1 0 0 0 1 Attestation Secret
  35. 35. Authentication signature Attestation Certificate App ID Challenge Credential ID Application Private Key ECDSA App ID Challenge 0 0 0 1 0 0 0 1 0 0 0 0 0 0 0 1 UP Attestation Secret
  36. 36. Authentication signature Attestation Certificate App ID Challenge Credential ID Application Private Key ECDSA App ID Challenge 0 0 0 1 Signature 0 0 0 1 Attestation Secret
  37. 37. Authentication signature Attestation Certificate App ID Challenge Credential ID Application Private Key ECDSA App ID Challenge 0 0 0 1 Signature 0 0 0 1 0 0 0 1 Attestation Secret
  38. 38. using publicKey Credential ID
  39. 39. What’s difference
  40. 40. Extensions Resident Space Space New Security Key (FIDO2 Spec) Attestation CertificateAAGUID 0 0 0 0 ****** PIN Support Device Secret Attestation Secret
  41. 41. Extensions Resident Space Space PIN Support Attestation CertificateAAGUID 0 0 0 0 ****** PIN Support Device Secret Attestation Secret
  42. 42. Extensions Resident Space Space Resident Key Attestation CertificateAAGUID 0 0 0 0 ****** PIN Support Device Secret Attestation Secret
  43. 43. Extensions Resident Space Space AAGUID Attestation CertificateAAGUID 0 0 0 0 ****** PIN Support Device Secret Attestation Secret
  44. 44. Attestation Secret Device SecretExtensions Resident Space Space Support CTAP2 Extensions (hmac-secret) Attestation CertificateAAGUID 0 0 0 0 ****** PIN Support https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html#sctn-hmac-secret-extension
  45. 45. Resident Key (FIDO2 Spec) Attestation Certificate Credential IDApp ID User Info Handle AAGUID 0 0 0 0 Resident Space Space Extensions Device Secret Attestation Secret
  46. 46. rpId, challengerpId, clientData CredID, Public key CredID, Public key AttestationAttestation Registration clientData Check rpId Generate Key-pair for rpId RP Hash of ClientData { type: “webauthn.create” origin: “example.com”, challenge: “xxxxxxxxx”, tokenBinding: { status: …} }
  47. 47. rpId, challengerpId, clientData CredID, Public key CredID, Public key AttestationAttestation Registration clientData Check rpId Generate Key-pair for rpId User Info,User Info RP
  48. 48. rpId, challengerpId, clientData CredID, Public key CredID, Public key authenticatorSelection: { userVerification: “required“, requireResidentKey: true, authenticatorAttachment: “cross-platform” } AttestationAttestation Registration clientData Check rpId Generate Key-pair for rpId User Info,User Info CTAP RP
  49. 49. rpId, challengerpId, clientData CredID, Public key CredID, Public key authenticatorSelection: { userVerification: “required“, requireResidentKey: true, authenticatorAttachment: “cross-platform” } AttestationAttestation Registration clientData Check rpId Generate Key-pair for rpId User Info,User Info CTAP RP
  50. 50. rpId, challengerpId, clientData CredID, Public key CredID, Public key authenticatorSelection: { userVerification: “required“, requireResidentKey: true, authenticatorAttachment: “cross-platform” } AttestationAttestation Registration clientData Check rpId Generate Key-pair for rpId User Info,User Info ****** PIN CTAP RP
  51. 51. rpId, challengerpId, clientData CredID, Public key CredID, Public key authenticatorSelection: { userVerification: “required“, requireResidentKey: true, authenticatorAttachment: “cross-platform” } AttestationAttestation Registration clientData Check rpId Generate Key-pair for rpId User Info,User Info rpId User Info CredID ****** PIN CTAP ****** PIN Store Credential of www.example.com ? RP
  52. 52. rpId, challengerpId, clientData CredID, Public key CredID, Public key authenticatorSelection: { userVerification: “required“, requireResidentKey: true, authenticatorAttachment: “cross-platform” } AttestationAttestation Registration clientData Check rpId Generate Key-pair for rpId User Info,User Info rpId User Info CredID ****** PIN CTAP ****** PIN Store Credential of www.example.com ? RP
  53. 53. Registration with Resident Key Attestation Certificate App ID Challenge AAGUID 0 0 0 0 Resident Space Space Extensions Device Secret Attestation Secret User Info WebAuthn spec!
  54. 54. Registration with Resident Key Attestation Certificate App ID Challenge AAGUID 0 0 0 0 Resident Space Space Extensions Device Secret Attestation Secret User Info App ID Challenge RNG Nonce
  55. 55. Registration with Resident Key Attestation Certificate App ID Challenge AAGUID 0 0 0 0 Resident Space Space Extensions Device Secret Attestation Secret User Info Credential ID Application Public Key App ID Challenge RNG Nonce
  56. 56. Registration with Resident Key Attestation Certificate App ID Challenge AAGUID 0 0 0 0 Resident Space Space Extensions Device Secret Attestation Secret User Info Credential ID Application Public Key Credential ID App ID User Info
  57. 57. Registration with Resident Key Attestation Certificate App ID Challenge AAGUID 0 0 0 0 Resident Space Space Extensions Device Secret Attestation Secret User Info Credential ID App ID User Info 必須なのは User Handle のみ
  58. 58. Registration with Resident Key Attestation Certificate App ID Challenge AAGUID 0 0 0 0 Resident Space Space Extensions Device Secret Attestation Secret User Info Credential ID App ID User Info 必須なのは User Handle のみ
  59. 59. rpId, challenge, CredIDrpId, clientData CredID, sign CredID, clientData Hash { origin: “example.com”, challenge: “xxxxxxxxx” } Authentication CredID CredID sign Kpriv RP Check rpId
  60. 60. CredID, sign CredID, clientData Authentication CredID sign Kpriv User Info CredID ****** PIN rpId RP rpId, challenge, CredID Resident Key PIN Support rpId, clientData CredID Optional
  61. 61. rpId, clientData CredID, sign CredID, clientData Authentication CredID sign Kpriv User Info CredID ****** PIN rpId RP rpId, challenge, CredID [空にする]
  62. 62. rpId, challengerpId, clientData CredID, sign CredID, clientData Authentication CredID sign Kpriv User Info CredID ****** PIN rpId RP CTAP
  63. 63. rpId, challengerpId, clientData CredID, sign CredID, clientData Authentication CredID sign Kpriv User Info CredID ****** PIN rpId RP CTAP
  64. 64. rpId, challengerpId, clientData CredID, sign CredID, clientData Authentication CredID sign Kpriv User Info CredID ****** PIN rpId RP CTAP User Info
  65. 65. rpId, challengerpId, clientData CredID, sign CredID, clientData Authentication CredID sign Kpriv User Info CredID ****** PIN User Info User Info login rpId RP ユーザ情報が複数ある場合 はリスト表示される
  66. 66. rpId, challengerpId, clientData CredID, sign CredID, clientData Authentication CredID sign Kpriv User Info CredID ****** PIN user.id userHandleUser Info User Info login rpId RP
  67. 67. rpId, challengerpId, clientData CredID, sign CredID, clientData Authentication CredID sign Kpriv User Info CredID ****** PIN user.id userHandleUser Info User Info login rpId RP userHandle Kpub
  68. 68. Authentication Attestation Certificate App ID Challenge AAGUID 0 0 0 0Extensions Device Secret Attestation Secret RP doesn’t send Credential ID when id-less authentication Credential ID Resident Space Space Credential ID App ID User Info
  69. 69. Authentication Attestation Certificate App ID AAGUID 0 0 0 0Extensions Device Secret Attestation Secret Authenticator list credentials for specific AppID after User Info Verification(or User Info Presence) Challenge Resident Space Space Credential ID App ID User Info ******
  70. 70. Origin bound Stored Credentials
  71. 71. Authenticate Attestation Certificate App ID Challenge AAGUID 0 0 0 0Extensions Device Secret Attestation Secret Credential ID Application Private Key Resident Space Space Credential ID App ID User Info
  72. 72. Authenticate Attestation Certificate App ID Challenge AAGUID 0 0 0 0Extensions Device Secret Attestation Secret Credential ID Application Private Key Resident Space Space Credential ID App ID User Info
  73. 73. FIDO2 • Single factor Authentication Credential Management API Support PublicKey Crypto • 2nd Factor Authentication WebAuthn Support both CTAP1 and CTAP2 • Multi-Factor: Passwordless + PIN or Biometric CTAP2 Support User Info Verification
  74. 74. Thank you

×