True2F: Backdoor-Resistant Authentication Tokens

We're back again with another Duo Tech Talk! This time, we're excited to host Emma Dauterman (https://cs.stanford.edu/~edauterman/) to share her work on backdoor-resistant U2F tokens! Emma is an M.S. student at Stanford University, where her research focuses on systems, computer security, and applied cryptography. Her recent work has been inspired by the limitations of otherwise well-functioning systems with a focus on authentication. She also completed her B.S. in computer science at Stanford.

In this talk, Emma will discuss the design and implementation of True2F, a system for second-factor authentication that provides the benefits of conventional U2F authentication tokens in the face of phishing and software compromise, while also providing strong protection against token faults and backdoors. To do so, they develop new lightweight two-party protocols for generating cryptographic keys and ECDSA signatures, and implement new privacy defenses to prevent cross-origin token-fingerprinting attacks. To facilitate real-world deployment, their system is backwards-compatible with today’s U2F-enabled web services and runs on commodity hardware tokens after a firmware modification. A True2F-protected authentication takes just 57ms to complete on the token, compared with 23ms for unprotected U2F.

Paper: https://arxiv.org/pdf/1810.04660.pdf

Livestream on youtube 6:30pm: https://duo.sc/techtalk-april-2019