With both FIDO authentication and blockchain based on the cornerstones of strong cryptography, the two are a natural fit to help propel secure, user-centric applications.

1. All Rights Reserved | FIDO Alliance | Copyright 20171
FIDO AND BLOCKCHAIN

2. All Rights Reserved | FIDO Alliance | Copyright 20172
node
node
node
node
node
Cloud
servers
User on a PC or
a smartphone
Industrial
sensor / IoT
node
node node
Connected
object
Blockchain/IT
trusted zone
Physical world
absence of trust
Is this really you?
Am I allowed to executethis transaction?
Critical temperature
data
Did the driver gotswitched?

Without trust, data has no actionable value

3. All Rights Reserved | FIDO Alliance | Copyright 20173

FIDO : Better identity, using strong cryptography

Blockchain applications : Better trust, using strong
cryptography

Foundations of innovative privacy aware, user centric
applications relying on strong cryptography

4. All Rights Reserved | FIDO Alliance | Copyright 20174

Private keys are the corner stone of Blockchain
applications

Asset ownership is linked to the ownership of private
keys for all blockchains

Need for innovative solutions to create better backup
schemes

Need to protect the user against malware

5. All Rights Reserved | FIDO Alliance | Copyright 20175

Evolution of Bitcoin-aware malware

Sweeping private keys

Faking Bitcoin addresses copy/pasted in the clipboard

Fake wallets

Attacks on original wallets RNG

6. All Rights Reserved | FIDO Alliance | Copyright 20176

Need for new security devices

Letting the user verify the action being performed

Validating user consent

Flexible to support multiple Blockchains

7. All Rights Reserved | FIDO Alliance | Copyright 20177

U2F stack
Web browser
U2F
device
U2F bearer support
(USB, BLE, NFC)
U2F
Javascript
API

8. All Rights Reserved | FIDO Alliance | Copyright 20178

U2F registration
U2F
device
Third party
Registration request (challenge, origin)
Generates keypair
Registration response
Public Key
Key handle (encrypted private key as a blob)
Attestation and signature

9. All Rights Reserved | FIDO Alliance | Copyright 20179

U2F authentication
U2F
device
Third party
Authentication request (challenge, origin, key handle)
Authentication response
Counter
Signature

10. All Rights Reserved | FIDO Alliance | Copyright 201710

Mnemonic phrase

Encoding entropy as a set of words (BIP 39)

11. All Rights Reserved | FIDO Alliance | Copyright 201711

Derive a set of keys from a master key (BIP 32)

12. All Rights Reserved | FIDO Alliance | Copyright 201712

Applications for U2F

Recoverable devices

Simple key derivation (key handle can be a BIP 32 path
associated to a proof of correct seed)

Still an issue with the counter when recovering

13. All Rights Reserved | FIDO Alliance | Copyright 201713

U2F authentication tunnel
Web browser
U2F
interface
U2F bearer support
(USB, BLE, NFC)
U2F
Javascript
API
U2F
tunnel
device
Blockchain
Web app
Request
in key handle
Response
in signature
Request Response

14. All Rights Reserved | FIDO Alliance | Copyright 201714

More collaboration expected in the future

Self sovereign identity concepts
Cryptographic proof
of user identities
FIDO
Bitcoin Wallet
Immutable ClaimsImmutable ClaimsImmutable Claims
Bitcoin’s BlockchainBindings decided
by the user
(creation, proof,
removal)

15. All Rights Reserved | FIDO Alliance | Copyright 201715
QUESTIONS ?
NICOLAS@LEDGER.FR
@BTCHIP