November 19, 2022

A reader wants to know: why is FIDO(2) crap?

Passwords are inherently insecure, so we are told (no, they aren't). It would be better to BUY into FIDO (no, it wouldn't).

FIDO is an authentication technology, built around public key cryptography, that's supposedly superior to passwords. Public key authentication is nothing new. SSH on Linux, for example, has had it for decades. It's a simple challenge/response protocol that two parties can use to prove one's identity to the other. So let's say you create an account with an online service. Part of the registration is you uploading your public key. Whenever you want to log in later, the server will use your public key to send you an encrypted message. By correctly decrypting it and sending it back, you prove to the server that you are in possession of the private key (and therefore probably who you claim to be). The system works and it is sound, but it is not necessarily more secure than password-based logins.
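The challenge/response login described above, as an added sketch in Go (not code from this post or from any FIDO implementation). It has the client sign a random challenge with Ed25519 instead of decrypting an encrypted message, which is the form SSH public key authentication uses; `Server`, `Register`, `Challenge` and `Login` are hypothetical names.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Server holds one public key per account plus the challenge it last issued (hypothetical names).
type Server struct {
	keys    map[string]ed25519.PublicKey
	pending map[string][]byte
}

func NewServer() *Server {
	return &Server{keys: map[string]ed25519.PublicKey{}, pending: map[string][]byte{}}
}

// Register stores the public key the user uploads when creating the account.
func (s *Server) Register(user string, pub ed25519.PublicKey) { s.keys[user] = pub }

// Challenge issues a fresh 32-byte random nonce, or nil for an unknown account.
func (s *Server) Challenge(user string) []byte {
	c := make([]byte, 32)
	_, known := s.keys[user]
	if _, err := rand.Read(c); !known || err != nil {
		return nil
	}
	s.pending[user] = c
	return c
}

// Login checks the signature over the outstanding challenge. The challenge is
// consumed on every attempt, so a captured response cannot be replayed.
func (s *Server) Login(user string, sig []byte) bool {
	c, ok := s.pending[user]
	delete(s.pending, user)
	return ok && ed25519.Verify(s.keys[user], c, sig)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // client side; priv never leaves it
	srv := NewServer()
	srv.Register("alice", pub)
	sig := ed25519.Sign(priv, srv.Challenge("alice")) // proof of possession
	fmt.Println("login:", srv.Login("alice", sig), "replay:", srv.Login("alice", sig))
}
```

The server only ever stores the public key, so a leak of its account database hands out nothing that can be used to log in.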

The problem with FIDO is that the FIDO alliance would love to build a business model/ecosystem around public key authentication. Now, standardizing protocols and drivers would be a good thing, but in this case, it comes with a heavy side dish of "walled garden", in which alliance members can easily become the gatekeepers for your keys if you don't pay attention. Think of FIDO as the hardware version of "Log in with your Google Account". The OAuth(2) protocol may be open, but Google has you by your balls nevertheless. FIDO even adds another twist on this by effectively creating a tax on online accounts, which you pay by buying the hardware tokens.

Still thinking about buying into the FIDO ecosystem? Then here are the things to keep in mind when comparing products:

  1. Your FIDO token must be dedicated hardware. A smartphone app will not do, and neither will a FIDO stack built directly into the hardware. Your phone is too exposed (and probably full of exploitable security holes) to serve as a token.
  2. You must be able to extract your private key from the token with the standard tools of your operating system. If the token does not allow that, you are in a walled garden and the token's manufacturer is your gatekeeper.
  3. The keys must be exportable in a standard file format (e.g. a keystore that can be read by OpenSSL). If you can't transfer your keys between tokens of different manufacturers, you are subject to vendor lock-in.

The USB dongles I have seen so far do not allow cloning. Their manufacturers claim that this would undermine security and instead suggest that you register a second key with every account, which can be stored in a safe place and serve as a backup. This is as much a valid point as a blatant upsell. It will also do you no good, because, let's face it, if you don't follow best practices with passwords, then you won't follow best practices with FIDO either.