To Attest or Not to Attest, This is the Question – Provable Attestation in FIDO2

Nina Bindel*, Nicolas Gama, Sandra Guasch, Eyal Ronen

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

FIDO2 is currently the main initiative for passwordless authentication in web servers. It mandates the use of secure hardware authenticators to protect the authentication protocol’s secrets from compromise. However, to ensure that only secure authenticators are being used, web servers need a method to attest their properties. The FIDO2 specifications allow for authenticators and web servers to choose between different attestation modes to prove the characteristics of an authenticator, however the properties of most these modes have not been analysed in the context of FIDO2. In this work, we analyse the security and privacy properties of FIDO2 when different attestation modes included in the standard are used, and show that they lack good balance between security, privacy and revocation of corrupted devices. For example, the basic attestation mode prevents remote servers from tracing user’s actions across different services while requiring reduced trust assumptions. However in case one device is compromised, all the devices from the same batch (e.g., of the same brand or model) need to be recalled, which can be quite complex (and arguably impractical) in consumer scenarios. As a consequence we suggest a new attestation mode based on the recently proposed TokenWeaver, which provides more convenient mechanisms for revoking a single token while maintaining user privacy.

Original languageEnglish
Title of host publicationAdvances in Cryptology – ASIACRYPT 2023 - 29th International Conference on the Theory and Application of Cryptology and Information Security, Proceedings
EditorsJian Guo, Ron Steinfeld
PublisherSpringer Science and Business Media Deutschland GmbH
Pages297-328
Number of pages32
ISBN (Print)9789819987351
DOIs
StatePublished - 2023
Event29th Annual International Conference on the Theory and Application of Cryptology and Information Security, Asiacrypt 2023 - Guangzhou, China
Duration: 4 Dec 20238 Dec 2023

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume14443 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference29th Annual International Conference on the Theory and Application of Cryptology and Information Security, Asiacrypt 2023
Country/TerritoryChina
CityGuangzhou
Period4/12/238/12/23

Keywords

  • FIDO2
  • WebAuthn
  • attestation
  • post- compromise security
  • post-quantum security

Fingerprint

Dive into the research topics of 'To Attest or Not to Attest, This is the Question – Provable Attestation in FIDO2'. Together they form a unique fingerprint.

Cite this