With both FIDO authentication and blockchain based on the cornerstones of strong cryptography, the two are a natural fit to help propel secure, user-centric applications.
All Rights Reserved | FIDO Alliance | Copyright 2017
[Diagram labels: nodes and cloud servers ("Blockchain/IT trusted zone"); user on a PC or a smartphone, industrial sensor / IoT, connected object ("Physical world, absence of trust"). Callouts: "Is this really you?", "Am I allowed to execute this transaction?", "Critical temperature data", "Did the driver get switched?"]
Without trust, data has no actionable value

FIDO: Better identity, using strong cryptography
Blockchain applications: Better trust, using strong cryptography
Foundations of innovative privacy-aware, user-centric applications relying on strong cryptography

Private keys are the cornerstone of Blockchain applications
- Asset ownership is linked to the ownership of private keys for all blockchains
- Need for innovative solutions to create better backup schemes
- Need to protect the user against malware

Evolution of Bitcoin-aware malware
- Sweeping private keys
- Faking Bitcoin addresses copy/pasted in the clipboard
- Fake wallets
- Attacks on original wallets RNG

Need for new security devices
- Letting the user verify the action being performed
- Validating user consent
- Flexible to support multiple Blockchains

U2F stack
[Diagram labels: Web browser; U2F JavaScript API; U2F bearer support (USB, BLE, NFC); U2F device]

U2F registration
- Parties: U2F device, Third party
- Registration request (challenge, origin)
- Generates keypair
- Registration response: Public Key, Key handle (encrypted private key as a blob), Attestation and signature

U2F authentication
- Parties: U2F device, Third party
- Authentication request (challenge, origin, key handle)
- Authentication response: Counter, Signature

Mnemonic phrase
- Encoding entropy as a set of words (BIP 39)

Derive a set of keys from a master key (BIP 32)

Applications for U2F
- Recoverable devices
- Simple key derivation (key handle can be a BIP 32 path associated to a proof of correct seed)
- Still an issue with the counter when recovering
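
An added sketch of the recoverable-device idea on this slide (not code from the presentation or from any FIDO or Ledger product): the key handle carries a random BIP 32 path plus an HMAC that only a device holding the same seed can reproduce. The `Device` class, the eight-index path layout, the HMAC-SHA256 proof and the use of the secp256k1 order for the scalar arithmetic are assumptions made for illustration, and the returned key hash stands in for a real signature.

```python
import hashlib, hmac, os, struct

# Order of secp256k1, the curve BIP 32 is specified on (assumption: a real U2F key is P-256).
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000

def derive(seed, path):
    """BIP 32 private derivation along hardened indices (invalid-key retries omitted)."""
    i = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    k, c = int.from_bytes(i[:32], "big"), i[32:]
    for index in path:
        data = b"\x00" + k.to_bytes(32, "big") + struct.pack(">I", index | HARDENED)
        i = hmac.new(c, data, hashlib.sha512).digest()
        k, c = (int.from_bytes(i[:32], "big") + k) % N, i[32:]
    return k.to_bytes(32, "big")

class Device:
    """Hypothetical seed-backed U2F token (constructed for this example)."""
    def __init__(self, seed):
        self.seed, self.counter = seed, 0

    def _proof(self, key, app_id):
        # MAC under the derived key: only a device with the right seed can reproduce it.
        return hmac.new(key, app_id, hashlib.sha256).digest()

    def register(self, app_id):
        path = os.urandom(32)                      # eight random 32-bit indices
        key = derive(self.seed, struct.unpack(">8I", path))
        return path + self._proof(key, app_id)     # key handle = path || proof

    def authenticate(self, app_id, handle):
        if len(handle) != 64:
            return None
        key = derive(self.seed, struct.unpack(">8I", handle[:32]))
        if not hmac.compare_digest(handle[32:], self._proof(key, app_id)):
            return None                            # wrong seed or wrong origin
        self.counter += 1
        # A real token signs with the key; its hash stands in for the key identity here.
        return hashlib.sha256(key).hexdigest(), self.counter

if __name__ == "__main__":
    seed = hashlib.sha256(b"constructed sample seed").digest()
    original, restored = Device(seed), Device(seed)
    handle = original.register(b"https://example.com")
    for _ in range(3):
        key_id, last_seen = original.authenticate(b"https://example.com", handle)
    print(restored.authenticate(b"https://example.com", handle), "relying party last saw", last_seen)
```

A device restored from the seed accepts the old key handle but answers with counter 1, below the value the relying party last saw, which is the recovery issue the slide mentions.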

U2F authentication tunnel
[Diagram labels: Blockchain Web app; Web browser; U2F JavaScript API; U2F bearer support (USB, BLE, NFC); U2F interface; U2F tunnel; device. Request in key handle, response in signature.]

More collaboration expected in the future
- Self-sovereign identity concepts
[Diagram labels: Cryptographic proof of user identities; FIDO; Bitcoin Wallet; Immutable Claims; Bitcoin's Blockchain; Bindings decided by the user (creation, proof, removal)]

QUESTIONS?
NICOLAS@LEDGER.FR
@BTCHIP