Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 12:56 pm

All times are UTC + 1 hour




Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 19 posts ]  Go to page 1, 2  Next
Author Message
PostPosted: Thu Oct 23, 2014 4:56 am 
Offline

Joined: Tue May 26, 2009 4:46 am
Posts: 2
Are there any private secrets on the FIDO that are used during U2F enrolment? I read through the FIDO alliance documentation but couldn't find any hints.

If so are they able to be changed by the user using the personalisation tool?


Last edited by ridale on Fri Oct 24, 2014 12:27 am, edited 1 time in total.

Top
 Profile  
 

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Thu Oct 23, 2014 10:49 am 
Offline
Site Admin
Site Admin

Joined: Wed Nov 14, 2012 2:59 pm
Posts: 666
No, U2F does not work that way and the personalization tool is not meant to work with U2F mode devices Yubikey NEO (mode 3) or security key

Documentation is available here:
http://fidoalliance.org/specifications/download

_________________
-Tom


Top
 Profile  
 
PostPosted: Thu Oct 23, 2014 11:40 am 
Offline

Joined: Thu Apr 24, 2014 2:40 pm
Posts: 31
Location: The Hague, Netherlands
So do I understand correctly that U2F unique ID held in the U2F key is factory set and cannot be changed?


Top
 Profile  
 
PostPosted: Thu Oct 23, 2014 12:22 pm 
Offline
Site Admin
Site Admin

Joined: Wed Nov 14, 2012 2:59 pm
Posts: 666
U2F devices do not have an ID, nothing is set at manufacturing.

_________________
-Tom


Top
 Profile  
 
PostPosted: Thu Oct 23, 2014 12:54 pm 
Offline

Joined: Thu Apr 24, 2014 2:40 pm
Posts: 31
Location: The Hague, Netherlands
Tom,

is this really true? Something (whatever it is) must be retained and tied to the key or how else will the key I use for a specific PIN/secret transaction key for some specific website be identified amongst all other U2F keys?
Or (I have not read all U2F documentation so I could have missed the point) are all U2F keys in fact interchangeable (so I could use any key in pace of the one I own) and it just ensures that a secret login token is generated in a secure way?
Where by this key and it's action is somewhat like a TPM module?
In short - if I login & register to an U2F site using one particular U2F key can I then login another time with same with another U2F key with the same PIN/password(phrase)?
Pardon me for posing these questions which may seem obvious to you but I am just trying to understand this device.

Thx in advance for your reply & kind regards, Erik...


Top
 Profile  
 
PostPosted: Thu Oct 23, 2014 1:09 pm 
Offline

Joined: Thu Apr 24, 2014 2:40 pm
Posts: 31
Location: The Hague, Netherlands
I think this seems to answer my question (stated in this link - https://www.yubico.com/products/yubikey ... urity-key/):
<<<>>>
More about the FIDO U2F Security Key

Each Security Key has an individualized secure chip which performs cryptographic functions triggered by a simple touch of the key. You never see the details, but behind the scenes FIDO U2F Security Key provides a unique public and private key pair for each application it protects. Only those keys can correctly complete the cryptographic challenge required for login.
The secure chip is of the same class as those used in SIM Cards, electronic passports, military electronic IDs and chip-and-pin credit cards. Like those devices, the chip is specially “hardened” so it’s extremely difficult to steal the secrets hidden inside. The secrets contained in the Security Key belong to the end-user exclusively and are never transferred, copied or stored by a service provider or any other application provider.
<<<>>>
As I read this it appears that indeed something unique is stored on the key but apparently these are not user alterable (unlike Yubico OTP, OATH-HOTP etc.).

Thx & kind regards, Erik...


Top
 Profile  
 
PostPosted: Thu Oct 23, 2014 1:15 pm 
Offline

Joined: Thu Apr 24, 2014 2:40 pm
Posts: 31
Location: The Hague, Netherlands
Just to be clear on my understanding: there is no ID to get or to identify on the key - it is just that another key will generate a different output if presented to the same website with the same PIN (or password or whatever 2nd factor one my have).
And that makes it unique and tied to the user/account/website/key.
Correct me if I am wrong on this assessment...

Kind regards, Erik...


Top
 Profile  
 
PostPosted: Thu Oct 23, 2014 1:31 pm 
Offline

Joined: Thu Oct 16, 2014 11:51 pm
Posts: 82
erikie wrote:
Tom,

is this really true? Something (whatever it is) must be retained and tied to the key or how else will the key I use for a specific PIN/secret transaction key for some specific website be identified amongst all other U2F keys?
Or (I have not read all U2F documentation so I could have missed the point) are all U2F keys in fact interchangeable (so I could use any key in pace of the one I own) and it just ensures that a secret login token is generated in a secure way?
Where by this key and it's action is somewhat like a TPM module?
In short - if I login & register to an U2F site using one particular U2F key can I then login another time with same with another U2F key with the same PIN/password(phrase)?
Pardon me for posing these questions which may seem obvious to you but I am just trying to understand this device.

Thx in advance for your reply & kind regards, Erik...


For all intents and purposes, the only unique identifier for a U2F device is the securely stored internal symmetric key, which cannot be read from outside the device.

Effectively, to identify a particular key, it must be used to attempt to validate a previous registration it was used for [see my layman's description here which should be close to correct: viewtopic.php?f=33&t=1530&p=5956#p5956 ]. If the validation works, then you know that was the key used to generate the public/encrypted-private keys used to register with that origin/site, sent to that origin/site and remote-stored at that origin/site.

Otherwise, there's no way via software to tell one u2f device from another.

In theory, this means that use of the device across multiple unrelated origins/sites should not lead to disclosure concerns. However, I'd like to see a professional cryptographer release a public analysis of the standard and examine some implementations. :)

B


Top
 Profile  
 
PostPosted: Fri Oct 24, 2014 12:27 am 
Offline

Joined: Tue May 26, 2009 4:46 am
Posts: 2
Thanks for that, I figured there was a symmetric key somewhere, not being able to set that key makes the FIDO not usable in certain environments for internal policy reasons.


Top
 Profile  
 
PostPosted: Fri Oct 24, 2014 2:00 am 
Offline

Joined: Thu Oct 16, 2014 11:51 pm
Posts: 82
ridale wrote:
Thanks for that, I figured there was a symmetric key somewhere, not being able to set that key makes the FIDO not usable in certain environments for internal policy reasons.


Hmm...even though Yubico has supported local configuration of keys for large customers pre-FIDO...that might be problematic for the FIDO part of the device with the Attestation requirements of the FIDO standard.

I suspect FIDO isn't a good solution in general for the environments with the policies you are alluding to.

B


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 19 posts ]  Go to page 1, 2  Next

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group