I’m reading this paper from Yubico on Universal Second Factor
and OpenID Connect and see the description about ephemeral keys.
I’m confused about when an ephemeral key is used, and under what conditions it is cached.
From the Yubico document:
Page 7:
U2F does have a trust chain similar to the certificate authorities found in traditional PKI, but this
is not tied directly to the key pairs issued by the U2F device. Instead, this trust chain is tied to the
device’s identifier certificates. These device certificates are used alongside the ephemeral keys
to identify the device itself (or a batch of devices), allowing knowledgeable RPs to make
informed decisions about which device manufacturers they are willing to accept.
Page 9:
Why would such caching systems be widely used when they clearly subvert a fundamental
aspect of the security components? A system that constantly prompts a user for the same PIN
again and again is likely to be ignored or rejected by users annoyed at the constant prompting.
The use of a credential cache is often considered a reasonable tradeoff. However, the U2F
design avoids having to make this tradeoff decision in the first place by explicitly declaring that
the ephemeral keys are used to identify the device alone.