On Apr 12, 2016, at 5:39 PM, Tony Arcieri <[email protected]> wrote:
> On Tue, Apr 12, 2016 at 8:28 AM, Ron Garret <[email protected]> wrote: > Some hardware tokens have an input device built in (usually a push button, > sometimes a fingerprint sensor) which needs to be activated before the token > will operate, but these are still subject to phishing attacks > > Not to rain on your parade, but if you're talking about authentication > contexts, U2F solves the phishability problem by deriving domain-separated > keys per origin, so it's not possible for an attacker to leverage it for > phishing purposes. This HSM is much more general-purpose than a U2F token. It could be used as a standalone bitcoin wallet a la Trezor. It can be used to decrypt messages and display them on the built-in display so that even an adversary with root accesss to your laptop couldn’t read the cleartext. The firmware doesn’t support this yet, but it’s a mere matter of programming :-) But even U2F tokens can be phished for some value of “phished”. It’s true that you can’t extract the keys, but if an attacker owns your machine and you have a U2F token installed, the attacker can log into any site you can log into. Even if the token has a button you need to push to activate it, it’s probably not hard to fool most users into pushing the button to authorize an authentication for an attacker. With a display, the token can say, “You are about to authorize…” and describe exactly what it is that it is being asked to do so that you know what you’re authorizing in a way that an attacker cannot control even with a completely compromised client. rg
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
