[Cryptography] YubiKeys / FIDO / U2F ??

Tony Arcieri bascule at gmail.com
Mon Nov 2 13:27:05 EST 2015


FIDO in general is trying to build authentication systems designed from the
ground-up to work on the web. This most notably involves following the Same
Origin Policy or having explicit means of using credentials across origins
where both origins must agree and the origin a credential is provisioned on
provides an explicit policy for cross-origin use.

Following SOP has the nice side effect of being both privacy-preserving
(certificates are origin-bound) and solving "cross-protocol attacks" where
an attacker convinces a victim to sign a challenge/response used for auth
in a non-auth context.

It should also play nicely with the upcoming Token Binding extension for
TLS, which will allow cookies and other similar bearer credentials to be
confined to the holder of such a hardware token.

Yubico's implementation has the nice properties of being otherwise
stateless (keys are derived based on origin / "AppID") and never
exfiltrating private keys from the device, even in encrypted form (instead
it derives private keys from the combination of an AppID and nonce
generated on the device).

Of course it is proprietary hardware... whether you trust it is up to you
to decide.

All that said: yes, this is a great step forward for the web.

-- 
Tony Arcieri
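
The stateless derivation described in the message above can be sketched as follows. This is an added example, not part of the original post and not Yubico's code; the HMAC-SHA256 construction, the key-handle layout (nonce plus MAC tag) and the names `StatelessToken`, `register` and `recover` are assumptions for illustration.

```python
import hashlib
import hmac
import secrets

# Order of the NIST P-256 group; a valid private key is a scalar in [1, N-1].
P256_N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
NONCE_LEN = 32


class StatelessToken:
    """Toy token: holds one device secret, stores nothing per registration."""

    def __init__(self, device_secret=None):
        # Constructed secret; on a real device this never leaves the hardware.
        self._secret = device_secret or secrets.token_bytes(32)

    def _prf(self, label, *parts):
        # Length-prefix each part so different (app_id, nonce) pairs cannot collide.
        msg = label + b"".join(len(p).to_bytes(2, "big") + p for p in parts)
        return hmac.new(self._secret, msg, hashlib.sha256).digest()

    def _private_scalar(self, app_id, nonce):
        # Map PRF output into [1, N-1] (assumed reduction; slight bias ignored).
        raw = int.from_bytes(self._prf(b"key", app_id, nonce), "big")
        return raw % (P256_N - 1) + 1

    def register(self, app_id):
        """Return (key_handle, private_scalar).

        A real token would return the public key; the scalar is returned
        here only so the demonstration can compare derivations.
        """
        nonce = secrets.token_bytes(NONCE_LEN)
        tag = self._prf(b"handle", app_id, nonce)
        return nonce + tag, self._private_scalar(app_id, nonce)

    def recover(self, app_id, key_handle):
        """Re-derive the key, or None if the handle is foreign or cross-origin."""
        if len(key_handle) != NONCE_LEN + 32:
            return None
        nonce, tag = key_handle[:NONCE_LEN], key_handle[NONCE_LEN:]
        if not hmac.compare_digest(tag, self._prf(b"handle", app_id, nonce)):
            return None
        return self._private_scalar(app_id, nonce)
```

The relying party stores the key handle and sends it back at login; a handle presented under a different AppID, or to a different device, fails the MAC check, so no key is derived.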