Hacker News new | ask | show | jobs
by jiveturkey 364 days ago
Not understanding forgery. What is being forged? You have the key material.

> I wanted cryptographic proof the signature is correct before trying to forge my own.

But you aren't forging anything? You are producing a signature from your own key material? I could be missing something important, certainly. But wouldn't this be earth shattering if you can forge a p256 signature? Apologies if I'm just not getting it.

> Today we will: ... Explore [...] cloning credentials.

Perhaps I didn't read it well enough yet, but I don't see any cloning going on here.

Lastly, a lot of work was done reverse engineering that could also have happened just from reading docs. I suppose from the POV of implementing a software passkey, it's useful to have written the tracing tools for help validating your own implementation. But it's presented as if you were uncovering a secret part of the protocol.

> Do Big Sites Care?

A more important question is: should they? Left as an exercise.

> reverse-engineering CTAP2 at the byte level,

Is it reverse-engineering? Feels more like decoding. Forgive me again if I didn't understand.
1 comments
kd5bjo 361 days ago
It’s an attack that lets the malicious actor hijack the passkey registration flow to insert a key that they know, so that they can later log in as the victim.
link
warkdarrior 361 days ago
If the computer where registration happens is not trusted, no authentication protocol will help. Compare this attack ("malicious computer substitutes passkey at registration time") with a password one ("malicious computer substitutes password at registration time").
link
lxgr 361 days ago
But unlike a compromised password, a compromised passkey can be detected much more easily, since the "real" key will end up not working, unless the attacker also adds it to the victim's account.
link
Ferret7446 360 days ago
Then it should be very obvious if the site displays the user's registered passkeys.
link
lxgr 361 days ago
That should be very noticeable to the victim though, right?

Their own key would not work (unless the attacker persistently MITMs them and swaps their own credential in for every subsequent authentication) or they'd see multiple credentials being present in their account.

It's also a good idea to send out an email for every new credential added.

link
jiveturkey 361 days ago
> Chrome needs to be started with remote debugging

Pretty confident that is out of scope for any reasonable threat model.

link