Universal 2nd Factor

Last updated

Universal 2nd Factor (U2F) is an open standard that strengthens and simplifies two-factor authentication (2FA) using specialized Universal Serial Bus (USB) or near-field communication (NFC) devices based on similar security technology found in smart cards. [1] [2] [3] [4] [5] It is succeeded by the FIDO2 Project, which includes the W3C Web Authentication (WebAuthn) standard and the FIDO Alliance's Client to Authenticator Protocol 2 (CTAP2). [6]

Contents

While initially developed by Google and Yubico, with contribution from NXP Semiconductors, the standard is now hosted by the FIDO Alliance. [7] [8]

Advantages and disadvantages

While time-based one-time password (TOTPs) (e.g. 6-digit codes generated on Google Authenticator) were a significant improvement over SMS-based security codes, a number of security vulnerabilities were still possible to exploit, which U2F sought to improve. Specifically:

Comparison of security issues between TOTP and U2F
IssueTOTPU2F
Shared secret
  • Plaintext or QR code transmission of shared secret between server and user
  • Shared secret may be stored in plaintext on server
  • Transmission of public key challenge / response
  • Private key only stored on user hardware device
Man-in-the-middle attack
  • Plaintext code response vulnerable to interception and MITM attack if user has been phished by malicious website
  • Challenge / response is signed (encoding originating domain/website) to prevent interception and reuse
Convenience / eavesdropping
  • Plaintext code is displayed and typed by user manually, visually
  • Prone to mistyping, error
  • Transmission / creation of authentication code is via USB or NFC between hardware key and computer without manual typing steps

In terms of disadvantages, one significant difference and potential drawback to be considered regarding hardware-based U2F solutions is that unlike with TOTP shared-secret methods, there is no possibility of "backing up" recovery codes or shared secrets. If a hardware duplicate or alternative hardware key is not kept and the original U2F hardware key is lost, no recovery of the key is possible (because the private key exists only in hardware). Therefore, for services that do not provide any alternative account recovery method, the use of U2F should be carefully considered.

Design

The USB devices communicate with the host computer using the human interface device (HID) protocol, essentially mimicking a keyboard. [9] [ failed verification see discussion ] This avoids the need for the user to install special hardware driver software in the host computer and permits application software (such as a browser) to directly access the security features of the device without user effort other than possessing and inserting the device. Once communication is established, the application exercises a challenge–response authentication with the device using public-key cryptography methods and a secret unique device key manufactured into the device. [10]

Vulnerabilities

The device key is vulnerable to malicious manufacturer duplication. [11]

In 2020, independent security researchers found a method to extract private keys from Google Titan Key, a popular U2F hardware security token. [12] [13] [14] The method required physical access to the key for several hours, several thousand euros-worth of equipment, and was destructive to the plastic case of the key. [12] [13] [14] The attackers concluded that the difficulty of the attack meant that people were still safer to use the keys than not. [12] [13] [14] The attack was possible due to a vulnerability in the A700X microchip made by NXP Semiconductors, which is also used in security tokens made by Feitian and Yubico, meaning that those tokens are also vulnerable. [12] [15] The vulnerability was responsibly disclosed to the affected manufacturers so that it might be fixed in future products. [12] [13] [14]

Support and use

U2F security keys are supported by Google Chrome since version 38, [2] Firefox since version 57 [16] and Opera since version 40. U2F security keys can be used as an additional method of two-step verification on online services that support the U2F protocol, including Google, [2] Azure, [17] Dropbox, [18] GitHub, [19] GitLab, [20] Bitbucket, [21] Nextcloud, [22] Facebook, [23] and others. [24]

Chrome, Firefox, and Opera were, as of 2015, the only browsers supporting U2F natively. Microsoft has enabled FIDO 2.0 support for Windows 10's Windows Hello login platform. [25] Microsoft Edge [26] browser gained support for U2F in the October 2018 Windows Update. Microsoft accounts, including Office 365, OneDrive, and other Microsoft services, do not yet have U2F support. Mozilla has integrated it into Firefox 57, and enabled it by default in Firefox 60 [27] [28] [29] [30] and Thunderbird 60. [31] Microsoft Edge starting from build 17723 support FIDO2. [32] As of iOS and iPadOS 13.3 Apple now supports U2F in the Safari browser on those platforms.

Specifications

The evolution of the U2F protocol standard Evolution of FIDO2-WebAuthn.svg
The evolution of the U2F protocol standard

The U2F standard has undergone two major revisions:

Additional specification documents may be obtained from the FIDO web site. [35]

The U2F 1.0 Proposed Standard (October 9, 2014) was the starting point for a short-lived specification known as the FIDO 2.0 Proposed Standard (September 4, 2015). The latter was formally submitted to the World Wide Web Consortium (W3C) on November 12, 2015. [36] Subsequently, the first Working Draft of the W3C Web Authentication (WebAuthn) standard was published on May 31, 2016. The WebAuthn standard has been revised numerous times since then, becoming a W3C Recommendation on March 4, 2019.

Meanwhile the U2F 1.2 Proposed Standard (April 11, 2017) became the starting point for the Client to Authenticator Protocol (CTAP) Proposed Standard, which was published on September 27, 2017. FIDO CTAP complements W3C WebAuthn, both of which are in scope for the FIDO2 Project.

WebAuthn and CTAP provide a complete replacement for U2F, which has been renamed "CTAP1" in the latest version of the FIDO2 standard. [37] The WebAuthn protocol is backward-compatible (via the AppID extension) with U2F-only security keys [38] but the U2F protocol is not compatible with a WebAuthn-only authenticator. [39] [40] [37] Some authenticators support both U2F and WebAuthn while some WebAuthn clients support keys created via the legacy U2F API.[ citation needed ]

Related Research Articles

An authenticator is a means used to confirm a user's identity, that is, to perform digital authentication. A person authenticates to a computer system or application by demonstrating that he or she has possession and control of an authenticator. In the simplest case, the authenticator is a common password.

<span class="mw-page-title-main">Security token</span> Device used to gain access to restricted resource

A security token is a peripheral device used to gain access to an electronically restricted resource. The token is used in addition to, or in place of, a password. Examples of security tokens include wireless key cards used to open locked doors, a banking token used as a digital authenticator for signing in to online banking, or signing transactions such as wire transfers.

<span class="mw-page-title-main">OpenSocial</span> Public specification aimed at social networking applications

OpenSocial is a public specification that outlines a set of common application programming interfaces (APIs) for web applications. Initially designed for social network applications, it was developed collaboratively by Google, MySpace and other social networks. It has since evolved into a runtime environment that allows third-party components, regardless of their trust level, to operate within an existing web application.

SPKAC is a format for sending a certificate signing request (CSR): it encodes a public key, that can be manipulated using OpenSSL. It is created using the little documented HTML keygen element inside a number of Netscape compatible browsers.

WebRTC is a free and open-source project providing web browsers and mobile applications with real-time communication (RTC) via application programming interfaces (APIs). It allows audio and video communication and streaming to work inside web pages by allowing direct peer-to-peer communication, eliminating the need to install plugins or download native apps.

Content Security Policy (CSP) is a computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context. It is a Candidate Recommendation of the W3C working group on Web Application Security, widely supported by modern web browsers. CSP provides a standard method for website owners to declare approved origins of content that browsers should be allowed to load on that website—covered types are JavaScript, CSS, HTML frames, web workers, fonts, images, embeddable objects such as Java applets, ActiveX, audio and video files, and other HTML5 features.

<span class="mw-page-title-main">SQRL</span> Draft open standard for identity verification

SQRL or Secure, Quick, Reliable Login is a draft open standard for secure website login and authentication. The software typically uses a link of the scheme sqrl:// or optionally a QR code, where a user identifies via a pseudonymous zero-knowledge proof rather than providing a user ID and password. This method is thought to be impervious to a brute-force password attack or data breach. It shifts the burden of security away from the party requesting the authentication and closer to the operating-system implementation of what is possible on the hardware, as well as to the user. SQRL was proposed by Steve Gibson of Gibson Research Corporation in October 2013 as a way to simplify the process of authentication without the risk of revelation of information about the transaction to a third party.

<span class="mw-page-title-main">FIDO Alliance</span> Industry consortium working on authentication mechanisms

The FIDOAlliance is an open industry association launched in February 2013 whose stated mission is to develop and promote authentication standards that "help reduce the world’s over-reliance on passwords". FIDO addresses the lack of interoperability among devices that use strong authentication and reduces the problems users face creating and remembering multiple usernames and passwords.

Encrypted Media Extensions (EME) is a W3C specification for providing a communication channel between web browsers and the Content Decryption Module (CDM) software which implements digital rights management (DRM). This allows the use of HTML video to play back DRM-wrapped content such as streaming video services without the use of heavy third-party media plugins like Adobe Flash or Microsoft Silverlight. The use of a third-party key management system may be required, depending on whether the publisher chooses to scramble the keys.

<span class="mw-page-title-main">YubiKey</span> Hardware authentication device by Yubico

The YubiKey is a hardware authentication device manufactured by Yubico to protect access to computers, networks, and online services that supports one-time passwords (OTP), public-key cryptography, authentication, and the Universal 2nd Factor (U2F) and FIDO2 protocols developed by the FIDO Alliance. It allows users to securely log into their accounts by emitting one-time passwords or using a FIDO-based public/private key pair generated by the device. YubiKey also allows storing static passwords for use at sites that do not support one-time passwords. Google, Amazon, Microsoft, Twitter, and Facebook use YubiKey devices to secure employee accounts as well as end-user accounts. Some password managers support YubiKey. Yubico also manufactures the Security Key, a similar lower-cost device with only FIDO2/WebAuthn and FIDO/U2F support.

Stina Ehrensvärd is a Swedish-American entrepreneur, innovator and industrial designer. She is the founder and Chief Evangelist of Yubico and co-inventor of the YubiKey authentication device.

WebXR Device API is a Web application programming interface (API) that describes support for accessing augmented reality and virtual reality devices, such as the HTC Vive, Oculus Rift, Meta Quest, Google Cardboard, HoloLens, Apple Vision Pro, Magic Leap or Open Source Virtual Reality (OSVR), in a web browser. The WebXR Device API and related APIs are standards defined by W3C groups, the Immersive Web Community Group and Immersive Web Working Group. While the Community Group works on the proposals in the incubation period, the Working Group defines the final web specifications to be implemented by the browsers.

privacyIDEA

privacyIDEA is a two factor authentication system which is multi-tenency- and multi-instance-capable. It is open source, written in Python and hosted at GitHub. privacyIDEA is a LinOTP's fork from 2014.

Token Binding is a proposed standard for a Transport Layer Security (TLS) extension that aims to increase TLS security by using cryptographic certificates on both ends of the TLS connection. Current practice often depends on bearer tokens, which may be lost or stolen. Bearer tokens are also vulnerable to man-in-the-middle attacks or replay attacks. In contrast, bound tokens are established by a user agent that generates a private-public key pair per target server, providing the public key to the server, and thereafter proving possession of the corresponding private key on every TLS connection to the server.

Biometric tokenization is the process of substituting a stored biometric template with a non-sensitive equivalent, called a token, that lacks extrinsic or exploitable meaning or value. The process combines the biometrics with public-key cryptography to enable the use of a stored biometric template for secure or strong authentication to applications or other systems without presenting the template in its original, replicable form.

Web Authentication (WebAuthn) is a web standard published by the World Wide Web Consortium (W3C). WebAuthn is a core component of the FIDO2 Project under the guidance of the FIDO Alliance. The goal of the project is to standardize an interface for authenticating users to web-based applications and services using public-key cryptography. WebAuthn credentials that are available across multiple devices are commonly referred to as passkeys.

Credential Management, also referred to as a Credential Management System (CMS), is an established form of software that is used for issuing and managing credentials as part of public key infrastructure (PKI).

The Client to Authenticator Protocol (CTAP) or X.1278 enables a roaming, user-controlled cryptographic authenticator to interoperate with a client platform such as a laptop.

<span class="mw-page-title-main">Passwordless authentication</span> Identity authentication method

Passwordless authentication is an authentication method in which a user can log in to a computer system without entering a password or any other knowledge-based secret. In most common implementations users are asked to enter their public identifier and then complete the authentication process by providing a secure proof of identity through a registered device or token.

<span class="mw-page-title-main">OnlyKey</span> Hardware security token

OnlyKey is a multi-function hardware security key combining features of a password manager, two-factor authentication (2FA) token, file encryption token, and secure storage device. The device incorporates hardware storage for password and username combinations, while also acting as a portable password manager.

References

  1. Turner, Adam (November 5, 2014). "Google security keys may offer extra layer of online protection". The Sydney Morning Herald. Fairfax Media. Retrieved November 28, 2014.
  2. 1 2 3 "What browsers support U2F?". Yubico. Archived from the original on August 18, 2017. Retrieved August 17, 2017.
  3. Bradley, Tony (October 21, 2014). "How a USB key drive could remove the hassles from two-factor authentication". PCWorld. IDG Consumer & SMB. Retrieved November 28, 2014.
  4. "FIDO Universal 2nd Factor". Yubico AB. Retrieved November 28, 2014.
  5. Diallo, Amadou (November 30, 2013). "Google Wants To Make Your Passwords Obsolete". Forbes. Retrieved November 28, 2014.
  6. "An In-Depth Guide to FIDO Protocols: U2F, UAF, and WebAuthn (FIDO2)".
  7. "FIDO Alliance – download specifications". FIDO Alliance. Retrieved October 19, 2017.
  8. Krebs, Brian (October 14, 2014). "Google Accounts Now Support Security Keys". Krebs on Security. Retrieved November 28, 2014.
  9. "FIDO U2F HID Protocol Specification". FIDO Alliance. October 9, 2014. Retrieved July 24, 2018.
  10. "Key generation". Yubico. Retrieved 31 July 2018.
  11. "Making identical U2F hardware security keys".
  12. 1 2 3 4 5 "Hackers can clone Google Titan 2FA keys using a side channel in NXP chips".
  13. 1 2 3 4 Cimpanu, Catalin (2021-01-08). "New side-channel attack can recover encryption keys from Google Titan security keys". ZDNet. Retrieved 2021-01-13.
  14. 1 2 3 4 "Researchers Show Google's Titan Security Keys Can Be Cloned". SecurityWeek. 2021-01-11. Retrieved 2021-01-13.
  15. "Google Titan security keys hacked by French researchers". Naked Security. Retrieved 2021-01-13.
  16. J.C. Jones (April 4, 2019). "Backward-Compatibility FIDO U2F support shipping soon in Firefox". Mozilla Security Blog.
  17. "Passwordless authentication options for Azure Active Directory" . Retrieved 14 April 2021.
  18. Heim, Patrick; Patel, Jay (August 12, 2015). "Introducing U2F support for secure authentication". Dropbox Blog. Retrieved August 12, 2015.
  19. Olsen, Risk (October 1, 2015). "GitHub supports Universal 2nd Factor authentication". github.com/blog. GitHub . Retrieved October 1, 2015.
  20. Nwaigwe, Amara (June 22, 2016). "Support for Universal 2nd Factor Authentication". GitLab Blog. Retrieved July 9, 2016.
  21. Kells, TJ (June 22, 2016). "Universal 2nd Factor (U2F) now supported in Bitbucket Cloud". Bitbucket Blog. Retrieved June 22, 2016.
  22. "Nextcloud 11 sets new standard for security and scalability". Nextcloud. 13 December 2016. Retrieved 23 December 2016.
  23. "Security Key for safer logins with a touch". Facebook. Retrieved 27 January 2017.
  24. "USB-Dongle Authentication". Josh Davis. Retrieved 23 January 2023.
  25. Ingalls, Dustin (February 13, 2015). "Microsoft Announces FIDO Support Coming to Windows 10". Windows Blog. Retrieved October 3, 2015.
  26. "Microsoft Edge now supports passwordless sign-ins". Engadget. Retrieved 2018-10-04.
  27. "Firefox 57 has native support for U2F". Mozilla. Retrieved November 1, 2017.
  28. "U2F Support Addon" . Retrieved May 8, 2016.
  29. "Firefox Nightly enables support for FIDO U2F Security Keys". Yubico blog. 2017-09-22. Retrieved September 27, 2017.
  30. "Firefox 60.0 release notes" . Retrieved May 11, 2018.
  31. "Thunderbird 60.0 release notes" . Retrieved June 22, 2018.
  32. "Introducing Web Authentication in Microsoft Edge — Microsoft Edge Dev BlogMicrosoft Edge Dev Blog". blogs.windows.com. 2018-07-30. Retrieved 2018-08-03.
  33. "FIDO U2F V1.0 Proposed Standard 2014-10-09". FIDO Alliance. 9 October 2014. Retrieved 3 May 2019.
  34. "FIDO U2F V1.2 Proposed Standard 2017-04-11". FIDO Alliance. 11 April 2017. Retrieved 3 May 2019.
  35. "Download Specifications". FIDO Alliance. Retrieved 13 February 2019.
  36. "Submission Request to W3C: FIDO 2.0 Platform Specifications 1.0". World Wide Web Consortium . Retrieved 12 February 2019.
  37. 1 2 Chong, Jerrod (1 August 2018). "10 Things You've Been Wondering About FIDO2, WebAuthn, and a Passwordless World" . Retrieved 1 May 2019.
  38. Balfanz, Dirk; Czeskis, Alexei; Hodges, Jeff; Jones, J.C.; Jones, Michael B.; Kumar, Akshay; Liao, Angelo; Lindemann, Rolf; Lundberg, Emil (eds.). "Web Authentication: An API for accessing Public Key Credentials Level 1 (latest)". World Wide Web Consortium (W3C). Retrieved 4 March 2019.
  39. Hakamine, Frederico (22 January 2019). "Understanding FIDO Standards: Your Go-To Guide". Okta. Retrieved 22 July 2021.
  40. Salam, Feroz (25 August 2018). "Why you can't use Firefox to register a U2F key with Google". Padlock. Retrieved 1 May 2019.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.