The FIDO Approach to Privacy Hannes Tschofenig, ARM Limited 1.

Slides:

Advertisements

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Advertisements

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Fast IDentity Online – a new industry alliance formed to develop technical standards that enable Internet Services to use Simpler Stronger Auth solutions.

MyProxy: A Multi-Purpose Grid Authentication Service

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Not Built On Sand. IT Has Scaled $$$ Technological capabilities: (1971  2013) Clock speed x4700 #transistors x608k Structure size /450 Price: (1980 

Cryptography and Network Security

9/11/2012Pomcor 1 Techniques for Implementing Derived Credentials Francisco Corella Karen Lewison Pomcor (

The Attestation Mechanism in Trusted Computing. A Simple Remote Attestation Protocol Platform TPM Verifier Application A generates PK A & SK A 2) computes.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

10/20/2011Pomcor 1 Deployment and Usability of Cryptographic Credentials Francisco Corella Karen Lewison Pomcor.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

 Guarantee that EK is safe  Yes because it is stored in and used by hw only  No because it can be obtained if someone has physical access but this can.

Electronic Transaction Security (E-Commerce)

Microsoft Ignite /16/2017 4:55 PM

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Using Digital Credentials On The World-Wide Web M. Winslett.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Use of Kerberos-Issued Certificates at Fermilab Kerberos  PKI Translation Matt Crawford & Dane Skow Fermilab.

SSL By: Anthony Harris & Adam Shkoler. What is SSL? SSL stands for Secure Sockets Layer SSL is a cryptographic protocol which provides secure communications.

Chapter 8 Web Security.

CAMP - June 4-6, Copyright Statement Copyright Robert J. Brentrup and Mark J. Franklin This work is the intellectual property of the authors.

A Survey on Interfaces to Network Security

Key Management in Cryptography

1 Confidential Authentication Session Hannes Tschofenig.

魂▪創▪通魂▪創▪通 Use Case and Requirement for Future Work Sangrae Cho Authentication Research Team.

Chapter 10: Authentication Guide to Computer Network Security.

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.

Trusted Computing Platform Alliance

SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.

Csci5233 Computer Security1 Bishop: Chapter 14 Representing Identity.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Passwords are not able to keep user safe.

Chapter 4 Getting Paid. Objectives Understand electronic payment systems Know why you need a merchant account Know how to get a merchant account Explain.

Proposal for device identification PAR. Scope Unique per-device identifiers (DevID) Method or methods for authenticating that device is bound to that.

Web Security : Secure Socket Layer Secure Electronic Transaction.

Module 9: Fundamentals of Securing Network Communication.

Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.

A Flexible Access Control Model for Web Services Elisa Bertino CERIAS and CS Department, Purdue University Joint work with Anna C. Squicciarini – University.

Cosc 4765 Trusted Platform Module. What is TPM The TPM hardware along with its supporting software and firmware provides the platform root of trust. –It.

1 DCS 835 – Computer Networking and the Internet Digital Certificate and SSL (rev ) Team 1 Rasal Mowla (project leader) Alvaro Restrepo, Carlos.

Building Security into Your System Bill Major Gregory Ponto.

Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.

“The FIDO Alliance Today”

Traditional Security Issues Confidentiality –Prevent unauthorized access or reading of information Integrity –Insure that writing or operations are allowed.

Proposed Privacy Taxonomy for IOT Scott Shorter, Electrosoft, These slides are based on work contributed to the IDESG Use Case AHG in January.

1. U2F Case Study Examining the U2F paradox 3 What is Universal 2 nd Factor (U2F)?

Security fundamentals Topic 5 Using a Public Key Infrastructure.

Fermilab CA Infrastructure EDG CA Managers Mtg June 13, 2003.

Encryption protocols Monil Adhikari. What is SSL / TLS? Transport Layer Security protocol, ver 1.0 De facto standard for Internet security “The primary.

Attribute Release and Scalable Consent \. Part of the original vision for federated identity and necessary for it to succeed Federated identity is less.

KMIP - Hardware Security Modules Meta-Data-Only (MDO) Keys Saikat Saha & Denis Pochuev Feb 2012.

KERBEROS SYSTEM Kumar Madugula.

Doc.: IEEE /0098r0 Submission July 2010 Alex Reznik, et. al. (InterDigital)Slide Security Procedures Notice: This document has been.

LEARNING AREA 1 : INFORMATION AND COMMUNICATION TECHNOLOGY PRIVACY AUTHENTICATION VERIFICATION.

Technical Security Issues in Cloud Computing By: Meiko Jensen, Jorg Schwenk, Nils Gruschka, Luigi Lo Lacono Presentation by: Winston Tong 2009 IEEE.

EMI is partially funded by the European Commission under Grant Agreement RI Common Authentication Library Daniel Kouril, for the CaNL PT EGI CF.

05/03/2011Pomcor 1 Meeting the Privacy Goals of NSTIC in the Short Term Presentation at the 2011 Internet Identity Workshop Francisco Corella and Karen.

IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.

 Attacks and threats  Security challenge & Solution  Communication Infrastructure  The CA hierarchy  Vehicular Public Key  Certificates.

Modern User and Device Authentication  Biometric Fingerprints: Moving beyond Login  TPM Key Attestation: Binding a user and machine identities  Strong.

Microsoft Passport and Windows Hello Developer’s Guide to Windows 10 Build SDK Update Andy Wigley

Appropriate Access InCommon Identity Assurance Profiles

Electronic Payment Security Technologies

Preparing for the Windows 8. 1 MCSA Module 6: Securing Windows 8

Presentation transcript:

The FIDO Approach to Privacy Hannes Tschofenig, ARM Limited 1

Privacy by Design History 2 Ann Cavoukian, the former Information and Privacy Commissioner of Ontario/Canada, coined the term “Privacy by Design” back in the late 90’s. Idea was to take privacy into account already early in the design process. Cavoukian went a step further and developed 7 principles. It took years to investigate the idea further and to become familiar with privacy as an engineering concept.

Privacy Principles 3

4 No 3rd Party in the Protocol No Secrets generated on the Server side Biometric Data (if used) Never Leaves Device No Link-ability Between Services and Accounts De-register at any time No release of information without consent

FIDO & Privacy AUTHENTICATOR 5 USER VERIFICATIONFIDO AUTHENTICATION

Prepare 0 STEP 1 FIDO Authenticator FIDO Server App Web App 6 FIDO REGISTRATION

Prepare 0 STEP 2 FIDO Authenticator FIDO Server App Web App 7 TLS Channel Establishment 1 No 3rd Party in the Protocol

FIDO REGISTRATION Prepare 0 STEP 2 FIDO Authenticator FIDO Server App Web App 8 Verify User & Generate New Key Pair (Specific to Online Service Providers) Legacy Auth. + Initiate Reg. Reg. Request + Policy No release of information without consent

FIDO REGISTRATION Prepare 0 STEP 3 FIDO Authenticator FIDO Server App Web App 9 3 Legacy Auth. + Initiate Reg. Reg. Request [Policy] 1 2 Reg. Response 4 Verify User & Generate New Key Pair (Specific to Online Service Providers) No Secrets generated on the Server side

10 No Link-ability Between Accounts and Services Website A Website B FIDO REGISTRATION (On Multiple Sites)

FIDO REGISTRATION Prepare 0 STEP 4 FIDO Authenticator FIDO Server App Web App 11 3 Verify User & Generate New Key Pair (Specific to Online Service Providers) Success 5 Legacy Auth. + Initiate Reg. Reg. Request + Policy 1 2 Reg. Response 4 Biometric Data (if used) Never Leaves Device

PERSONAL DATA 12 Application-specific Data Depending on the service (e.g., shipping address, credit card details) User Verification Data Biometric data (e.g., fingerprint or voice template, heart-rate variation data) FIDO-related Data Identifiers used by the FIDO and protocols (e.g., public key, key handle) Data Minimization, Purpose Limitation and protection against unauthorized access Outside the scope of FIDO

THE BUILDING BLOCKS BROWSER/APP FIDO USER DEVICERELYING PARTY WEB SERVER FIDO AUTHENTICATOR FIDO SERVER FIDO CLIENT ASM TLS Server Key Cryptographic Authentication Public Keys DB Authentication Private Keys Attestation Private Keys Authenticator Metadata & Attestation Trust Store FIDO UPDATE 13

ATTESTATION 14 … … SE How is the key protected (TPM, SE, TEE, …)? What user gesture is used? 14 Can I be tracked using the attestation method? AUTHENTICATOR USER VERIFICATIONFIDO AUTHENTICATION

ATTESTATION & METADATA FIDO Server FIDO Authenticator Metadata Signed Attestation Object Obtain meta-data from Metadata Service or Other Sources Understand Authenticator Characteristic 15

ATTESTATION & METADATA 16 Basic Attestation A set of authenticators (of the same model) share one attestation certificate. Injected at manufacturing time Privacy CA Each authenticator has a unique “endorsement” key. Authenticator generates an attestation key and requests an attestation certificate from a Privacy CA (using the endorsement key) at run-time. Direct Anonymous Attestation (DAA) Each authenticator receives one set of DAA attestation credentials. Private key is unique to authenticator but unlinkable.

Mapping to Regulatory Requirements 17 FIDO privacy principles guided the work inside the FIDO Alliance on technical specifications. Interoperability tests and certification programs verify implementations. Regulation impacts those who deploy services. Intentionally, the FIDO principles are more detailed versions of already existing regulatory requirements. Upcoming whitepaper explains the regulatory requirements to FIDO-offered functionality. Offers mapping based on the European Data Protection Directive (95/46/EC) and the Identity Ecosystem Steering Group (IDESG) privacy principles.

Summary 18 With the work in FIDO we have been trying to exercise the privacy by design philosophy. Whitepaper explains the privacy principles. Those principles have been taken into account during the work on the technical specifications. Unique privacy characteristics: User verification happens locally at the Authenticator No centrally created or managed credentials. Reduced tracking capability.