Originally published at: https://boingboing.net/2020/02/11/how-the-fido-alliance-wants-to.html
…
2 Likes
I can eliminate a password faster than you can think one up.
4 Likes
Great, until one or more of those trusted devices breaks. What if you have a fire or flood? Now you’re locked out of everything.
14 Likes
Sounds like a great way to sell devices.
11 Likes
I’d be surprised if the Fido Alliance’s scheme is as well thought out as SQRL.
1 Like
I have a company-issued laptop and a company-issued phone. I spend all day on my work laptop, so it will most likely be a trusted device.
Now, when I’m fired on the spot, I’m forced to return both devices… does that mean IT could easily reset my passwords and fuck up any account(s) I have used with them?
4 Likes
Although this might sound like weaker security, it’s actually secure.
It’s actually a way to force me to carry two devices. And users who manage fine with one device?
These are not your target market, Fido, eh? Well, up yours.
Plus what @MalevolentPixy said.
2 Likes
Swordfish?
3 Likes
Not so great for people who don’t own a device let alone two.
1 Like
An attacker wanting to impersonate you would need physical possession of two of your trusted devices, and to be logged in to both.
This statement is total nonsense. Any sort of authentication on a remote server/service knows nothing of your physical possessions. An attacker or spoofer doesn’t need physical access to jack squat. They only need to figure out how to fake like they have the minimum requirements, and, with computers, that’s always a particular combination of electric signals, codified as 1s and 0s, codified again as text.
This scheme replaces a password stored in your head with a cryptographic key stored on your devices. It’s not exactly easy to fake having a particular 2048-bit randomly generated key, unless you have the device it’s stored on.
You can have more than one trusted device. You’d only need to have one of them at any given time to access your account.
You’d only be locked out if they all break simultaneously.
2 Likes
Oh yeah? What if you have access to the device it’s stored on?
Most modern devices have a secure coprocessor in hardware which can generate and store keys in such a way that the key material cannot leave the device.
Of course no system is perfectly secure, but this is a huge improvement over a password.
1 Like
I didn’t like that one so I changed it.
3 Likes
Generally, how these things work is that when you sign up you’re given a few one-use long random keys that you print out and store in a safe location. Then, if you need to recover your account(s) because of a disaster that destroyed multiple physical devices you can do so using those one-use passwords.
It’s inconvenient, but it does work.
1 Like
Thirty years from now, I look forward to the article that talks about the exciting new introduction of something called “passwords”, that involves remembering a unique bit of text to access your MindLink™.
As someone who carried a 2fa card back in the mid-90s, everything old is new again.
1 Like
Just use SQRL. No passwords. No shared secrets and it’s free. Hopefully this will become the standard in the future. Created by one of the leading experts in security over the last five years, it’s just been released. Do yourself a favor and read up on it.
-
FIDO2 is a bad protocol being pushing by corporate interests (mostly Google) with ulterior motives (mostly creating lock-in). It protects against phishing quite well, but no better than U2F. At the same time it introduces whole classes of vulnerabilities centered around the fact that it reduces authentication to physical possession of a particular device. The big ones off the top of my head: (1) If the device itself is insecure, you’re fucked (and smartphones are a security dumpster fire); (2) Mere theft of the device is sufficient to achieve unauthorized authentication; (3) You have no protection against legal/extra-legal seizure of your device to achieve unauthorized authentication – both in the practical sense that it’s easier to forcibly/coercively take your phone than to beat a password out of you, and also in the legal sense that generally (but subject to some large, ill-defined exceptions) the 4th Amendment protects your right not to divulge a password, but it definitely does not protect your right not to turn over an object; and (4) The loss/theft of your device is a major pain in the ass, and may lock you out of your account if a backup means access isn’t in place.
-
For my money, the most secure authentication method today is a password with north of 75 bits of entropy PLUS a U2F dongle second factor. A few notes on this:
a. Remember that entropy is a measure of the method by which a password was generated, not the password itself, and one should start with the assumption that the adversary knows all details of the method and is only ignorant of the inputs.
b. In the future, U2F ought to be revised to use post-quantum algorithms. Specifically McEliece and Merkle Signature Scheme.
c. It’s important that the second factor dongle is a dedicated, limited purpose piece of hardware. You’ve got no hope of securing the general purpose computer with embedded radios that is a smartphone. With a limited purpose device, maybe the attack surface can be small enough that you stand a chance of getting it right.
d. Not all dongles are U2F. Other protocols like TOTP are markedly inferior. -
@ Dallas, @ squishybrain: Please stop flogging SQRL. It’s a joke. Borderline snakeoil even. There isn’t even a substantive academic review of SQRL because no one takes it seriously enough to spend their time on it. You can, however, easily find a fair number of amateur takedowns on the web that correctly identify major flaws.
3 Likes
But this applies to passwords too. If I enter my password into a compromised device then my password is compromised.
I haven’t used Google services in a while, but Apple’s version of device authentication is still two factor, where my device won’t authorize account access until I unlock the device using either biometrics or a password.
This is trying to replace password logins on websites (maybe, if you’re lucky, password plus SMS based two factor). It’s a huge improvement over that baseline, especially when the vast majority of people are reusing weak passwords across many accounts.
SQRL was only released less than six months ago. I doubt that would be enough time for an academic review to appear so that straw man can be disregarded.
First you criticize SQRL for not having academic support then you try to support your argument with “amature takedowns”. Look, you might be correct that SQRL is not good. I suspect not but still you need to do a better job to convince me. The developer spent the last five years on the project, giving up work on his bread and butter app, so it’s likely that he, and the other security experts that have helped in the development, don’t think it’s “a joke”.
