Milliways

What de.fac2? Attacking an opensource U2F device in 30 minutes or less

Hardware FIDO U2F tokens are security devices which are meant to defend user second factor keys from physical and remote attacks. In this presentation different security features and implemented by FIDO U2F tokens and how they are meant to protect a user from various attack scenarios. We will focus on the open source implementation of FIDO U2F token developed and Common Criteria certified by Federal Office for Information Security (BSI). Having access not only to the source code of the token applet, but the certification documents as well gives a unique opportunity of Finally, a design flaw in the solution is discussed (CVE-2022-33172) and an attack on hardware token security feature will be presented, which could allow an attacker in control of user PC to fake user presence and execute a number of unauthorized sensitive operations.
De.fac2 is a Common Criteria (CC) and FIDO certified FIDO U2F Java Card applet developed and certified by Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik). This solutions gives a unique opportunity to look at the internals of a FIDO U2F token as well as certification claims and product security features. The presentation introduces the process of identification of the design flaw in the product in under an hour as well as the testing of a vulnerability without access to the actual physical device. The vulnerability was disclosed to the Bundesamt für Sicherheit in der Informationstechnik and addressed in the updated commit https://github.com/BSI-Bund/de.fac2 The acknowledged bug was addressed by the developer with the following statement: The following attack scenario was reported to us by Sergei Volokitin: A reset command send by the reader to the card circumvents the user presence check. For example, malware on the host PC / smartphone could send a reset command to the reader programmatically. It is not possible for the card to distinguish if the reader sent a reset command or if it was physically removed from the reader. With reference to this scenario, the Guidance Documentation (AGD) and the Security Target (ST) were updated in July 2022 in a "Assurance Maintenance".

Additional information

Live Stream https://streaming.media.ccc.de/camp2023/milliways
Type Talk
Language English

More sessions

8/15/23
Milliways
Hardware Hacking Village
In this 2h workshop, I will teach you to work with the tiny components that modern electronic devices are made of. We will assemble an electronic kitten, that purrs when touched correctly, and hisses when touched wrong. It will work, and is guaranteed to remove your fear of hand-assembling surface mount designs.
8/15/23
Milliways
Milliways
The session proposes a quick overview of Frida, a dynamic instrumentation framework, and how it can be used to enhance our work during the runtime analysis of a mobile application. It will be a walkthrough on how hooking and rewriting functions in runtime may be helpful against anti-reverse engineering measures and SSL pinning mechanisms.
8/15/23
Milliways
Milliways Workshop Dome
Come learn how to hack networks without needing to piss off your housemates, local coffee shop, or the Feds! Bring your laptop and by the end of this workshop, everyone can walk away having intercepted some packets and popped some reverse shells.
8/15/23
Milliways
Milliways
MITRE ATT&CK (Attack Framework among friends) is intimidating sight at first, but is a great tool for risk identification, threat analysis, red teaming, DFIR and security management. Brief introduction to the topic with various examples.
8/15/23
Milliways
Hardware Hacking Village
Solder your own pathlighter badge to illuminate your surroundings at night.
8/15/23
Milliways
Milliways
This talk will show you how many interfaces have to communicate in order to fly experiments on a sounding rocket. We will give you insights into the procedures and the complexity of a research campaign and the actual flight of the rocket itself. In particular, we look at the hardware and software used in the Ground Support Equipment (GSE) and the Service Module (SM) within the rocket.
8/15/23
Milliways
Milliways
During the past few years, many people have started to use virtualized eSIMs instead of the classic physical chip card SIMs. Behind the scenes, a rather complex universe of protocols, interfaces, cryptographic operations, trust models and business processes are in operation to make this work. However, like many aspects of cellular technology, the knowledge of the technology behind it is not widely understood. - despite its ferquent use by a large user base. This talk aims to change that, as far ...