MITM Attacks Can Still Bypass FIDO2 Security, Researchers Warn

FIDO2 (Fast Identity Online 2) authentication has been hailed for its security, protecting users from phishing, session hijacking, and some forms of MITM (Man-in-the-Middle) attacks. However, identity protection platform Silverfort suggests attackers might be able to bypass FIDO2 phishing-resistant protections under certain conditions using a sophisticated MITM technique.

Typical MITM attacks allow attackers to intercept user communication and steal login credentials but FIDO2 was designed to be immune to these attacks by using physical security keys, USB tokens, or biometrics. But, Silverfort’s security researcher Dor Segal discovered that FIDO2 isn’t immune to these threats.

For your information, developed by the Fast Identity Online (FIDO) Alliance, FIDO2 is based on public key cryptography in which a user registers with an online service and chooses an authentication mechanism like a USB token. The client device generates a public and private key pair. The public key is encrypted and shared with the service, and the private key is securely stored on the user’s device.

The problem occurs because most Web applications fail to protect session tokens after successful authentication, allowing attackers to steal them, impersonate the victim, and gain access to all applications via single sign-on (SSO).

That’s because third-party solutions like SSO create authentication sessions without protecting tokens and traffic sessions, which can linger for hours, unlike Transport Layer Security (TLS) mechanisms that encrypt traffic.

While TLS makes MITM attacks more difficult, attackers can still use methods like Address Resolution Protocol (ARP) poisoning, and Stateless Address Autoconfiguration (SLAAC) to secure MITM positions, waiting for the victim to use SSO to connect to a secure Web application, Segal noted.

If the subsequent session is not protected, the adversary can steal tokens, perform session hijacking, and impersonate the victim.

The research, published by Silverfort on May 10, 2024, examines three use cases:

• Entra ID SSO
• PingFederate.
• Yubico Playground

Yubico Playground tests FIDO security features, revealing session hijacking risks. Entra ID SSO has security but limits passwordless mechanisms, mainly FIDO2 whereas PingFederate uses third-party adapters, but MITM attacks can occur if developers don’t validate tokens.

According to the research, the weakest link in the SSO chain was SSO protocols, highlighting the need for robust authentication mechanisms.

****Security****

Organizations using FIDO2 to secure SSO authentication should change the default setting and enable token-binding when possible. Token Binding enables applications and services to securely bind security tokens to the TLS layer, preventing token theft and MITM attacks. This is especially important for developers who may not be security-savvy and are unaware of this option.

****Experts Opinion****

Jason Soroko, Senior Vice President of Products at Sectigo, shared his thoughts on Silverfort’s report, highlighting that the method should be checked for all authentication techniques.

“The FIDO2 bypass that Silverfort describes is something that needs to be considered for all authentication techniques because even though FIDO2 is based on a strong asymmetric secret, the SSO implementations mostly rely on a much less secure symmetric secret, usually a session token,” explained Jason.

“The attacker, in the worst-case scenario, can take a session token and authenticate as the victim. The main takeaway from this report is that we need to re-examine the idea of token binding and ensure that implementations of FIDO2 are not relying on a weak foundation,” he advised.

1. Extract encryption keys with Power LED is now possible
2. kr00k – Billions of Wi-Fi devices affected by encryption flaw
3. How to Prevent the Encryption Based Malware (Ransomware)
4. Future of Phishing Email Training for Employees in Cybersecurity
5. Nespresso Domain Hijacked in Phishing Targeting Microsoft Logins