On Mo, 08.03.21 18:29, Christian Kastner (ckk@xxxxxxxxxx) wrote:
> On 07.03.21 23:34, Lennart Poettering wrote:
> > Right now whether to require the FIDO2 PIN is not configurable. We
> > could make it configurable though, so that you could use it in 1FA
> > situations.
>
> I myself am only interested in 2FA; I misread the documentation as the
> current implementation being 1FA, but that misunderstanding is now
> resolved. Thanks!
>
> If I understand src/cryptsetup/{cryptsetup-fido2,cryptsetup}.c
> correctly, then the PIN is used as input to the security token, and
> whatever the token returns is base64-encoded and then used as the key
> for LUKS, right?
>
> If so, I wonder whether this isn't vulnerable to physical USB attacks
> (see [1] for an example how simple this can be).
The way I read the FIDO2 spec the PIN is sent over the USB wire encrypted
with a shared secret that authenticator and host first securely agreed
on, to make such man-in-the-middle attacks are not possible. Moreover,
once the PIN is configured on the device it is never passed at all
anymore, but just hashes of it when authenticating.
Hence, to my knowledge there's no reason to second guess that and do
another level of password checking separately from that.
> As I mentioned earlier, I speculate that the fido2luks project hashes
> the password before FIDO2, and then again with the FIDO2 response, to
> alleviate this.
It would be easy for us to combine the FIDO2 secret we acquire with a
user supplied pw that never is seen by the FIDO2 libraries, all before
passing it to the next layer, but as mentioned I don't think this is
necessary, the FIDO2 spec is well enough designed to make this
unnecessary.
But then again, I am not a security analyst nor cryptographer. Maybe
the FIDO2 spec has a vulnerability there, but the way I read it it
already addresses that. Maybe better ask FIDO2 community for more
information on this, and whether their "clientPin" feature is
reasonably safely designed.
Lennart
--
Lennart Poettering, Berlin
_______________________________________________
systemd-devel mailing list
systemd-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: systemd-crypttab: FIDO2 and passwords
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: systemd-crypttab: FIDO2 and passwords
- From: Lennart Poettering <lennart@xxxxxxxxxxxxxx>
- Date: Mon, 8 Mar 2021 21:24:41 +0100
- Cc: systemd-devel@xxxxxxxxxxxxxxxxxxxxx
- In-reply-to: <e8668f52-b92e-0f20-7a11-0a95c70b1d34@debian.org>
- References: <ee8d8b1e-562b-d5e7-3bb8-4c7bdc6a96d9@debian.org> <YEVU86xmVu56jxE1@gardel-login> <e8668f52-b92e-0f20-7a11-0a95c70b1d34@debian.org>
- Follow-Ups:
- Re: systemd-crypttab: FIDO2 and passwords
- From: Christian Kastner
- Re: systemd-crypttab: FIDO2 and passwords
- References:
- systemd-crypttab: FIDO2 and passwords
- From: Christian Kastner
- Re: systemd-crypttab: FIDO2 and passwords
- From: Lennart Poettering
- Re: systemd-crypttab: FIDO2 and passwords
- From: Christian Kastner
- systemd-crypttab: FIDO2 and passwords
- Prev by Date: Re: systemd-crypttab: FIDO2 and passwords
- Next by Date: Re: systemd-crypttab: FIDO2 and passwords
- Previous by thread: Re: systemd-crypttab: FIDO2 and passwords
- Next by thread: Re: systemd-crypttab: FIDO2 and passwords
- Index(es):
 |