Notes on A Tour of WebAuthn
This is a Work In Progress (WIP).
Problems with passwords:
- too little entropy to resist brute-forcing
- password database leaks: the attacker can sign in to the site, and the leaked credentials can be used for credential stuffing
- vulnerable to phishing
- they can leak from many other parts of the software stack (e.g. logging, or a JavaScript-injection attack leading to exfiltration)
U2F and WebAuthn are authentication systems based on public key signature schemes such as ECDSA, RSA, and ML-DSA.
Abstractly, a public key signature scheme provides three operations:
$$ \text{generate}: \text{random\_bits} \mapsto (\text{public\_key}, \text{private\_key}) $$
$$ \text{sign}: (\text{private\_key}, \text{message}) \mapsto \text{signature} $$
$$ \text{verify}: (\text{public\_key}, \text{message}, \text{signature}) \mapsto \text{boolean} $$
The scheme also has some security properties:
- it's computationally infeasible to compute the private key from the public key
- it's computationally infeasible to compute a valid signature without the private key
A simple authentication scheme using public key signatures:
```mermaid
sequenceDiagram
    participant User
    participant Computer
    participant Website
    User->>Computer: Enter username
    Computer->>Computer: Run sign(privateKey, "let me in") → signature
    Computer->>Website: Send {username, signature}
    Website->>Website: Retrieve stored publicKey for username
    Website->>Website: Run verify(publicKey, "let me in", signature)
    alt signature valid
        Website->>User: Sign-in successful
    else signature invalid
        Website->>User: Sign-in denied
    end
```
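The flow in the diagram, as an added example (not code from the original notes) using Node's built-in `crypto` module. Ed25519 as the signature scheme, the usernames and all function names other than `generate`, `sign` and `verify` are assumptions; the last case shows that, because the signed message is fixed, a signature that was sent once is accepted again unchanged.

```javascript
// Added example: the diagram's sign-in flow with Node's built-in crypto.
// Assumptions: Ed25519 as the scheme, sample usernames, helper names.
const crypto = require("node:crypto");
const MESSAGE = Buffer.from("let me in"); // fixed message from the diagram

// generate: random bits -> (publicKey, privateKey)
function generate() {
  return crypto.generateKeyPairSync("ed25519");
}
// sign: (privateKey, message) -> signature
function sign(privateKey, message) {
  return crypto.sign(null, message, privateKey);
}
// verify: (publicKey, message, signature) -> boolean
function verify(publicKey, message, signature) {
  return crypto.verify(null, message, publicKey, signature);
}

// Website side: stores only public keys, indexed by username.
const registered = new Map();
function register(username, publicKey) { registered.set(username, publicKey); }
function signIn({ username, signature }) {
  const publicKey = registered.get(username);
  if (!publicKey) return "Sign-in denied"; // no key stored for this username
  return verify(publicKey, MESSAGE, signature) ? "Sign-in successful" : "Sign-in denied";
}

// Computer side: holds the private key and builds {username, signature}.
function buildRequest(username, privateKey) {
  return { username, signature: sign(privateKey, MESSAGE) };
}

function demo() {
  const alice = generate();
  const other = generate(); // key pair never registered for "alice"
  register("alice", alice.publicKey);
  const request = buildRequest("alice", alice.privateKey);
  return {
    genuine: signIn(request),
    wrongKey: signIn(buildRequest("alice", other.privateKey)),
    unknownUser: signIn(buildRequest("bob", other.privateKey)),
    // The message never changes, so the same signature bytes verify again.
    resent: signIn({ username: "alice", signature: Buffer.from(request.signature) }),
  };
}
console.log(demo());
```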