- From: Rolf Lindemann via GitHub <sysbot+gh@w3.org>
- Date: Fri, 11 Jan 2019 13:49:16 +0000
- To: public-webauthn@w3.org
From a security perspective, there should also be an upper bound (e.g. some millions) for the number of authenticator instances using the same attestation private key. See "A large number of authenticators sharing the same Attestation Certificate provides better privacy, but also makes the related private key a more attractive attack target." in https://fidoalliance.org/specs/fido-uaf-v1.2-rd-20171128/fido-uaf-protocol-v1.2-rd-20171128.html#authenticator-attestation

FIDO ECDAA based attestation provides a better combination of privacy and security - since each authenticator uses a different attestation private key, but the public keys are "blinded" so two attestation signatures from the same authenticator instance cannot be attributed to the same authenticator instance - but only to the same authenticator model.

--
GitHub Notification of comment by rlin1
Please view or discuss this issue at https://github.com/w3c/webauthn/issues/1127#issuecomment-453522019 using your GitHub account
Received on Friday, 11 January 2019 13:49:17 UTC