Yubico Forum

Are there any private secrets on the FIDO that are used during U2F enrolment? I read through the FIDO alliance documentation but couldn't find any hints.

If so are they able to be changed by the user using the personalisation tool?

No, U2F does not work that way and the personalization tool is not meant to work with U2F mode devices Yubikey NEO (mode 3) or security key

Documentation is available here:
http://fidoalliance.org/specifications/download

_________________
-Tom

So do I understand correctly that U2F unique ID held in the U2F key is factory set and cannot be changed?

U2F devices do not have an ID, nothing is set at manufacturing.

_________________
-Tom

Tom,

is this really true? Something (whatever it is) must be retained and tied to the key or how else will the key I use for a specific PIN/secret transaction key for some specific website be identified amongst all other U2F keys?
Or (I have not read all U2F documentation so I could have missed the point) are all U2F keys in fact interchangeable (so I could use any key in pace of the one I own) and it just ensures that a secret login token is generated in a secure way?
Where by this key and it's action is somewhat like a TPM module?
In short - if I login & register to an U2F site using one particular U2F key can I then login another time with same with another U2F key with the same PIN/password(phrase)?
Pardon me for posing these questions which may seem obvious to you but I am just trying to understand this device.

Thx in advance for your reply & kind regards, Erik...

I think this seems to answer my question (stated in this link - https://www.yubico.com/products/yubikey ... urity-key/):
<<<>>>
More about the FIDO U2F Security Key

Each Security Key has an individualized secure chip which performs cryptographic functions triggered by a simple touch of the key. You never see the details, but behind the scenes FIDO U2F Security Key provides a unique public and private key pair for each application it protects. Only those keys can correctly complete the cryptographic challenge required for login.
The secure chip is of the same class as those used in SIM Cards, electronic passports, military electronic IDs and chip-and-pin credit cards. Like those devices, the chip is specially “hardened” so it’s extremely difficult to steal the secrets hidden inside. The secrets contained in the Security Key belong to the end-user exclusively and are never transferred, copied or stored by a service provider or any other application provider.
<<<>>>
As I read this it appears that indeed something unique is stored on the key but apparently these are not user alterable (unlike Yubico OTP, OATH-HOTP etc.).

Thx & kind regards, Erik...

Just to be clear on my understanding: there is no ID to get or to identify on the key - it is just that another key will generate a different output if presented to the same website with the same PIN (or password or whatever 2nd factor one my have).
And that makes it unique and tied to the user/account/website/key.
Correct me if I am wrong on this assessment...

Kind regards, Erik...

For all intents and purposes, the only unique identifier for a U2F device is the securely stored internal symmetric key, which cannot be read from outside the device.

Effectively, to identify a particular key, it must be used to attempt to validate a previous registration it was used for [see my layman's description here which should be close to correct: viewtopic.php?f=33&t=1530&p=5956#p5956 ]. If the validation works, then you know that was the key used to generate the public/encrypted-private keys used to register with that origin/site, sent to that origin/site and remote-stored at that origin/site.

Otherwise, there's no way via software to tell one u2f device from another.

In theory, this means that use of the device across multiple unrelated origins/sites should not lead to disclosure concerns. However, I'd like to see a professional cryptographer release a public analysis of the standard and examine some implementations.

B

Thanks for that, I figured there was a symmetric key somewhere, not being able to set that key makes the FIDO not usable in certain environments for internal policy reasons.

Hmm...even though Yubico has supported local configuration of keys for large customers pre-FIDO...that might be problematic for the FIDO part of the device with the Attestation requirements of the FIDO standard.

I suspect FIDO isn't a good solution in general for the environments with the policies you are alluding to.

B