Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

FIDO Authentication & Blockchain

6,606 views

Published on

With both FIDO authentication and blockchain based on the cornerstones of strong cryptography, the two are a natural fit to help propel secure, user-centric applications.

Published in: Internet
  • Be the first to comment

FIDO Authentication & Blockchain

  1. 1. All Rights Reserved | FIDO Alliance | Copyright 20171 FIDO AND BLOCKCHAIN
  2. 2. All Rights Reserved | FIDO Alliance | Copyright 20172 node node node node node Cloud servers User on a PC or a smartphone Industrial sensor / IoT node node node Connected object Blockchain/IT trusted zone Physical world absence of trust Is this really you? Am I allowed to executethis transaction? Critical temperature data Did the driver gotswitched?  Without trust, data has no actionable value
  3. 3. All Rights Reserved | FIDO Alliance | Copyright 20173  FIDO : Better identity, using strong cryptography  Blockchain applications : Better trust, using strong cryptography  Foundations of innovative privacy aware, user centric applications relying on strong cryptography
  4. 4. All Rights Reserved | FIDO Alliance | Copyright 20174  Private keys are the corner stone of Blockchain applications  Asset ownership is linked to the ownership of private keys for all blockchains  Need for innovative solutions to create better backup schemes  Need to protect the user against malware
  5. 5. All Rights Reserved | FIDO Alliance | Copyright 20175  Evolution of Bitcoin-aware malware  Sweeping private keys  Faking Bitcoin addresses copy/pasted in the clipboard  Fake wallets  Attacks on original wallets RNG
  6. 6. All Rights Reserved | FIDO Alliance | Copyright 20176  Need for new security devices  Letting the user verify the action being performed  Validating user consent  Flexible to support multiple Blockchains
  7. 7. All Rights Reserved | FIDO Alliance | Copyright 20177  U2F stack Web browser U2F device U2F bearer support (USB, BLE, NFC) U2F Javascript API
  8. 8. All Rights Reserved | FIDO Alliance | Copyright 20178  U2F registration U2F device Third party Registration request (challenge, origin) Generates keypair Registration response Public Key Key handle (encrypted private key as a blob) Attestation and signature
  9. 9. All Rights Reserved | FIDO Alliance | Copyright 20179  U2F authentication U2F device Third party Authentication request (challenge, origin, key handle) Authentication response Counter Signature
  10. 10. All Rights Reserved | FIDO Alliance | Copyright 201710  Mnemonic phrase  Encoding entropy as a set of words (BIP 39)
  11. 11. All Rights Reserved | FIDO Alliance | Copyright 201711  Derive a set of keys from a master key (BIP 32)
  12. 12. All Rights Reserved | FIDO Alliance | Copyright 201712  Applications for U2F  Recoverable devices  Simple key derivation (key handle can be a BIP 32 path associated to a proof of correct seed)  Still an issue with the counter when recovering
  13. 13. All Rights Reserved | FIDO Alliance | Copyright 201713  U2F authentication tunnel Web browser U2F interface U2F bearer support (USB, BLE, NFC) U2F Javascript API U2F tunnel device Blockchain Web app Request in key handle Response in signature Request Response
  14. 14. All Rights Reserved | FIDO Alliance | Copyright 201714  More collaboration expected in the future  Self sovereign identity concepts Cryptographic proof of user identities FIDO Bitcoin Wallet Immutable ClaimsImmutable ClaimsImmutable Claims Bitcoin’s BlockchainBindings decided by the user (creation, proof, removal)
  15. 15. All Rights Reserved | FIDO Alliance | Copyright 201715 QUESTIONS ? NICOLAS@LEDGER.FR @BTCHIP

×