Automatic Dansk

Black boxes for security

What are authenticators?

Picture a black box with a limited API. It gives you access to generate a key pair inside the black box, to read the public key, and to sign data using the private key. But not in any way to read what the private key is. If you break the box open to see what it is, its memory self-destructs. There are, by design, no way that you, or anyone else, can see what the key is.

An authenticator is essentially such a black box.

In the real world theres of course a lot more to it. But for now, lets just take a look at the ways that authenticators are implemented.

Roaming authenticators

roaming authenticator

A roaming authenticator is a hardware key that interfaces with the users device through USB, NFC or some other short-range communication channel. It can have a sensor, to be able to register presence when the user touches it. Some roaming authenticators are multi-protocol. Be careful as they are easy to use incorrectly, and consequently not provide the security you think they do.

The most popular roaming authenticators are UbiKeys.

Platform authenticators

platform authenticator

A platform authenticator is a hardware key built into the users device. That means that a private key will be bound to that device. If the device is lost, the user should get another device and use that to generate a new key and onboard that.

In a PC the platform authenticator is typically a small module, that follows the TPM standard. Colloquially known as a TPM chip. PCs has been sold with TPM chips since the mid 00s.

In a mobile device the platform authenticator is a so-called Secure Element, or SE for short. Really the same type of chip used in smartcards. The coding of Secure Elements is not standardized. Mobile phones has been sold with Secure Elements since the mid 10s.

Virtual authenticators

virtual authenticator

A virtual authenticator is a key that is only implemented in software. Such a key can be practical in a virtualized environment, if you dont care too much about the security. It also allows a backdoor so that private keys can be synchronized. This is not possible with the other authenticator types.

Passkeys, in the sense of the Google and Apple products introduced 2022, are virtual authenticators.

Other terms

The term hardware authenticator applies to both roaming and platform authenticators.

The term cross-platform authenticator is just another way to say virtual authenticator.

The term passkey is quite confused. Some use it for any FIDO2 authenticators in general, some people use it as a synonym for virtual authenticators, and some use it specifically for the Google and Apple products.

authenticator overview

Trade-off

There is a trade-off between security and convenience for the three authenticator types.

Roaming authenticators are most secure but least convenient, as you have to remember to bring your key with you and fiddle around with it.

Platform authenticators are almost as secure as the roaming authenticators. They are hardware, but there is a software layer of operating system and application around it, that can be compromised. If this happened it could lead to malware authenticating on its own. But it would not lead to leaking of the private keys. On the convenience side, platform authenticators are better than roaming authenticators, as they are just there inside your device anyway.

Virtual authenticators are the least secure because they do not encapsulate the private keys. In fact they often synchronize them, so that security becomes closer to that of a password manager. They are more secure than passwords though. Those virtual authenticators that synchronize private keys, can be more convenient than platform authenticators when you onboard a new device. Also running just raw WebAuthn using hardware authenticators, without some trust infrastructure, can make multi-device usage awkward. In this situation the synchronized keys of virtual authenticators can be convenient.

Authentication

When you want to use an authenticator, you have to unlock it by entering a password. Or, what is equivalent, by scanning a fingerprint, making gestures, or something like that.

The data needed to check the password is in the authenticator and nowhere else (given that it is a hardware authenticator). So the users device is the only machine that sees the password. Authenticators require the authentication, or unlocking, to be local. So you have to enter your password directly to the device when you unlock the authenticator.

authenticator flow

That means that if only a users password was leaked, or only the users device was stolen, the security impact would be minimal. It would require both the password to be leaked and the device to be stolen for a bad actor to exploit it. Note also that exploitation now would require access to the device, limiting it to one bad actor at a time. Contrast that to classic password leaks, where the whole darknet can be exploiting it at the same time.

Because the authenticator password is so much less critical, requirements for password complexity and expiration can be much lower than for classical passwords. Through this authenticators can provide both a user experience and a security that is much better.

Related:
Authentication for generations
Password ponderings

Made by a human Licenses RSS feed