Talk: Analysis of FIDO UAF Authentication, 12-1 ET Fri 3/3 Cryptographic Binding Should Not Be Optional

The UMBC Cyber Defense Lab presents

Cryptographic Binding Should Not Be Optional: A Formal-Methods Analysis of FIDO UAF Authentication


Ennis Golaszewski, UMBC Cyber Defense Lab

12-1pm ET, Friday, 3 March 2023, via WebEx

We present a formal-methods analysis of the FIDO Universal Authentication Framework (UAF) authentication protocol, and we present a case study that highlights the pitfalls of optional cryptographic binding by illustrating a man-in-the-middle attack against UAF authentication when cryptographic channel-binding is absent. We carry out our analysis using the Cryptographic Protocol Shapes Analyzer (CPSA) on two significant variations of the protocol: one using the four available channel-binding mechanisms, and one without channel binding. In our case study, we confirm the presence of a harmful protocol interaction in which an adversary, by transferring information from one protocol context to another, can compel a UAF client and authenticator pair to act as confused deputies that help authenticate the adversary to an honest server. Also, we demonstrate the feasibility of such an attack against existing, open-source FIDO implementations, and we suggest potential mitigations.

Our work aims to promote the importance of cryptographic binding in mitigating protocol interactions within the Dolev-Yao intruder model to mitigate man-in-the-middle attacks that exploit flaws in a protocol's structure. Protocol designers and policy makers must be aware that, if cryptographic binding is an optional feature of a protocol standard, then serious vulnerabilities may result. Additionally, we discuss the groundwork for incorporating cryptographic binding into network protocol specifications automatically. Cryptographic binding is a vital tool for resisting adversarial protocol interactions, and many existing and emerging standards, including UAF, do not bind adequately.

Ennis Golaszewski (golaszewski@umbc.edu) is a computer science PhD student at UMBC under Alan T. Sherman, where he studies, researches, and teaches cryptographic protocol analysis.

Host: Alan T. Sherman, sherman@umbc.edu. Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays 12-1pm.  All meetings are open to the public.

]]> The UMBC Cyber Defense Lab presents Cryptographic Binding Should Not Be Optional: A Formal-Methods Analysis of FIDO UAF Authentication Ennis Golaszewski, UMBC Cyber Defense Lab 12-1pm... https://beta.my.umbc.edu/api/v0/pixel/news/131367/guest@my.umbc.edu/f23547d99284c2ffca572a224be11d3f/api/pixel authentication cybersecurity fido Computer Science and Electrical Engineering https://beta.my.umbc.edu/groups/csee https://assets3-beta.my.umbc.edu/system/shared/avatars/groups/000/000/099/d117dca133c64bf78a4b7696dd007189/xsmall.png?1314043393 https://assets1-beta.my.umbc.edu/system/shared/avatars/groups/000/000/099/d117dca133c64bf78a4b7696dd007189/original.png?1314043393 https://assets1-beta.my.umbc.edu/system/shared/avatars/groups/000/000/099/d117dca133c64bf78a4b7696dd007189/xxlarge.png?1314043393 https://assets4-beta.my.umbc.edu/system/shared/avatars/groups/000/000/099/d117dca133c64bf78a4b7696dd007189/xlarge.png?1314043393 https://assets3-beta.my.umbc.edu/system/shared/avatars/groups/000/000/099/d117dca133c64bf78a4b7696dd007189/large.png?1314043393 https://assets1-beta.my.umbc.edu/system/shared/avatars/groups/000/000/099/d117dca133c64bf78a4b7696dd007189/medium.png?1314043393 https://assets2-beta.my.umbc.edu/system/shared/avatars/groups/000/000/099/d117dca133c64bf78a4b7696dd007189/small.png?1314043393 https://assets3-beta.my.umbc.edu/system/shared/avatars/groups/000/000/099/d117dca133c64bf78a4b7696dd007189/xsmall.png?1314043393 https://assets3-beta.my.umbc.edu/system/shared/avatars/groups/000/000/099/d117dca133c64bf78a4b7696dd007189/xxsmall.png?1314043393 Computer Science and Electrical Engineering 0 0 true Wed, 01 Mar 2023 18:14:11 -0500 Wed, 01 Mar 2023 18:36:54 -0500