
Passkeys

Resources:

Overview

Basic idea: replace passwords - and login names.

Instead, the device creates a key pair when registering with a service: the service stores only the public key, the private key stays on the authenticator (or in the synced keychain), and a later login is proven by signing a challenge the service sent.

These keys can be kept only locally on one device, on an external authenticator, or synced through a cloud service to the user’s other devices.

A passkey is tightly bound to the site it was created for (the “RP ID”, i.e. the site’s domain). The browser only offers it to pages whose origin matches that domain, and the signature itself covers the origin and a hash of the RP ID, so a look-alike phishing site never gets a signature the real site would accept.

External authenticators

FIDO U2F, FIDO2 CTAP1

For some time the standard for external (two-factor) authenticators was “U2F” (Yubikey, Nitrokey, …).

U2F doesn’t require any state on the authenticator: it doesn’t know which services it was registered with, but derives a unique key pair per registration from a master secret. The “key handle” the service stores at registration (and sends back at login) is what lets the authenticator recompute that private key.

Because it is stateless, the service has to identify the user first to find the right key handle, so U2F can’t replace the login identifier.

U2F has since been folded into the FIDO2 CTAP specification as “CTAP1”; a U2F credential is not a Passkey.

FIDO2 CTAP2

This is the newer protocol that lets an external authenticator act as a Passkey; product sheets often just list support for it as “FIDO2”.

Because the credentials have to be stored on the key, it can only hold a limited number of “Discoverable Credentials” (also called “resident keys”).

If a spec sheet says something about “unlimited” credentials, it is very likely talking about U2F (non-discoverable) registrations, not CTAP2 discoverable ones.

Todo

External authenticators try to store sensitive data in a protected way; vendors will typically use words like “tamper-resistant” to describe this.

It is unclear whether the “Discoverable Credentials” actually need that level of protection: the authenticator could still derive each private key from a single master secret (as U2F does), so only the per-credential metadata (RP ID, user handle, user name) would need to be stored. That would allow keeping the credential list on much cheaper (and bigger) storage, though the metadata still reveals which accounts exist and so has to stay confidential.

Todo

CTAP 2.2 also specifies CDA (“Cross-Device Authentication”) as the “hybrid” transport, i.e. using the phone (the “CDA authenticator”) to log in on a PC (the “CDA client”).

The protocol is generic, part of the CTAP spec rather than vendor-specific: the client shows a QR code carrying a public key and the relay (“tunnel”) server to use, the phone scans it, and the two sides then exchange ordinary CTAP2 messages over an end-to-end encrypted tunnel through that relay server on the internet.

The presence check is done with a BLE (“Bluetooth Low Energy”) advertisement the phone sends after scanning the QR code; the client must receive it before the tunnel is used, which keeps a remote attacker from relaying the login. NFC is not part of the hybrid transport.

Terminology

FIDO2 CTAP

Client to Authenticator Protocol: the protocol between the browser/OS and an external authenticator (CTAP1 = U2F, CTAP2 = the FIDO2 protocol with discoverable credentials)

FIDO U2F

Universal Second Factor: the older, stateless second-factor protocol, now known as CTAP1

FIDO UAF

Universal Authentication Framework: FIDO’s earlier passwordless framework, predating FIDO2 and mostly used in native (mobile) apps

WebAuthn

the W3C standard for the Javascript API in browsers (navigator.credentials.create() / get()) and the data formats a site uses to register and verify these credentials