doctorate PD:CC

July 16 at 2 p.m.


Doctoral Programme | Computer Science

Defense | Theoretical and Practical Security of Passwordless Authentication

Student | Luís Alberto Oliveira Rocha Esquível Costa


Date: July 16
Time: 2 p.m.
Venue: Room FC6 0.29


President:

Luís Filipe Coelho Antunes
Full Professor
Faculty of Sciences, University of Porto


Examiners:

Bogdan Warinschi
Professor of Computer Science
School of Computer Science, University of Bristol (UK)

Alexander Andrew Davidson
Assistant Professor
Department of Computer Science, Faculty of Sciences, University of Lisbon


Committee Members:

Bernardo Luís Fernandes Portela
Assistant Professor
Department of Computer Science, Faculty of Sciences, University of Porto

Manuel Bernardo Martins Barbosa (Orientador)
Associate Professor
Department of Computer Science, Faculty of Sciences, University of Porto


Abstract:

The rapid adoption of passwordless authentication, largely driven by the FIDO2 standard, represents a fundamental shift in online authentication. Traditional password-based mechanisms remain inherently vulnerable to a myriad of threats, including phishing and database breaches. By completely eliminating the reliance on passwords, FIDO2 aims to provide resistance against the systemic vulnerabilities that have compromised authenti cation systems for decades. However, the security of FIDO2 is not absolute, and while existing research has explored its security guarantees, some flaws in the protocol’s design that can be exploited to undermine the protocol’s security still persist.

In this work, we examine these flaws and their practical security implications, and then introduce formal countermeasures to address them. We begin by demonstrating that certain protocol design choices in CTAP2, one of the FIDO2 component protocols, create exploitable vulnerabilities, through the implementation of three proof-of-concept attacks that lead to the compromise of user account security, and show that a determined adversary can realistically carry out these attacks. We then shift our focus to the formal analysis of FIDO2, based on prior work from [1, 2], where we introduce two concrete modifications to CTAP2 that make it provably resistant to these attacks. We show that FIDO2, with our modifications, achieves stronger security guarantees. Finally, we integrate our proposed modifications in comercial implementations of FIDO2, demonstrating that they are simple to implement, have complete backwards compatibility with the current standard, and have minimal performance overhead.

Our findings demonstrate that FIDO2 can be hardened to deliver even stronger security guarantees while incurring in little to no perceivable cost in real-world usage scenarios.