Passkeys: advantages and risks of these new passwordless credentials

by Matthijs Melissen
Security Specialist & Tech Lead
Can you imagine a future in which you no longer need to remember passwords? That future is getting closer thanks to passkeys, a modern authentication method adopted by major platforms such as Apple, Google, Amazon, eBay, Microsoft, PayPal, WhatsApp and TikTok.
What are Passkeys?
Passkeys let you sign in without a traditional password. Users verify their identity on their own device, for example with a fingerprint or face recognition, much like unlocking a smartphone.
Each registration creates two cryptographic keys:
- Public key: stored by the website or application.
- Private key: kept securely on the user's device.
Even if the public key leaks, it cannot be used to sign in without the private key, which makes passkeys more secure than traditional passwords.
Advantages of Passkeys over passwords
Passkeys offer several benefits:
- Resistance to password guessing: the keys are long and random.
- No password reuse: each passkey is unique to one site.
- Phishing resistance: they only work on the legitimate site.
They also provide a better user experience and faster logins, especially on mobile devices.
Risks of Passkeys
Although secure, passkeys can introduce risks if they are not implemented correctly:
- Missing signature check: allows impersonation of any user.
- Origin confusion: a login started on an attacker's site is relayed to the real one.
- Missing user presence and user verification checks: weakens the authentication.
- Cross-site request forgery: an attacker can add their own passkey to a victim's account.
- Missing signature counter check: cloned authenticators go undetected.
Secure implementation
Passkeys are built on modern standards such as WebAuthn, which require careful implementation to guarantee security.

How exactly does a Passkey work?
For each website or application, a pair of keys is created when you register a Passkey: a public key and a private key. You can think of each as a long random code of letters and numbers. The public key is stored by the website or app where you log in. The private key stays on your personal device (such as your phone or laptop) and never leaves it: at login the device uses it to sign a one-time challenge from the website, and the website checks that signature with the stored public key. If your public key gets exposed through a data breach, there is no problem. Without the private key, a hacker cannot produce a valid signature and so cannot log in.
We will guide you through the advantages that Passkeys offer compared to traditional passwords. But, as you would expect from Computest Security, we will also discuss the potential risks of Passkeys in detail. More on this later.
Advantages of Passkeys compared to passwords
Passkeys offer several security advantages over traditional passwords. We have listed the most important ones for you:
- Resistant to password guessing: Users often choose relatively short, easy-to-guess passwords. Something like Nameofchild123! or Streetnamehousenumber*… this happens more often than you think. A Passkey's private key is generated at random by the device and is never chosen, typed or remembered by the user, so guessing it is computationally infeasible.
- Prevents password reuse: Users often reuse the same passwords for different applications. This can happen to the best of us, but it’s certainly not ideal. This means that if one application is hacked, the attacker gains direct access to all applications where the same password is used. A Passkey prevents this danger.
- Protection against phishing attacks: In a phishing attack, a user unintentionally enters their real password on a deceptive website created by a cybercriminal. This doesn't work with Passkeys: a Passkey is bound to the domain (the relying party ID) it was registered for, and the browser will not offer it on a look-alike domain, so there is nothing for the user to give away. This prevents phishing. Sounds much safer, doesn't it?

Risks of passkeys
Thanks to these advantages, we expect that many organizations will soon support Passkeys. However, as with any innovation, there are also security risks involved. WebAuthn, the protocol on which Passkeys are based, is very secure by design. But it must be implemented correctly by the supporting application. The protocol is complex and prescribes numerous checks that the relying party must perform. If those checks are skipped, an attacker may be able to gain access to the accounts of arbitrary, unsuspecting users.
Let’s look at the risks of Passkeys:
- Missing signature check: Each authentication response contains data (the authenticator data plus a hash of the client data) signed with the private key that the authenticator generated for this credential. The relying party must verify that signature against the public key it stored at registration. If this check is not performed, an attacker can submit an unsigned or arbitrarily signed response and log in as any user.
- Origin confusion: An attacker can invite a victim to visit a malicious relying party, say evil.com, and ask them to log in there with the Passkey of the real relying party. The attacker can then forward the login response to the real website and log in as the user. To prevent this attack, a relying party must always check the origin recorded in the signed client data, and the RP ID hash in the authenticator data, against its own values. Fortunately, this risk is reduced in practice because browsers (the WebAuthn client) only allow a credential scoped to an RP ID to be used from an origin within that domain and write the page origin into the signed client data; the relying party's own check is still required.
- Missing checks for 'user presence' and 'user verification': With each authentication attempt, authenticators set flags for 'user presence' (was a user physically present during authentication) and 'user verification' (was the user verified, for example via a PIN or fingerprint). Relying parties must check that the User Present flag is set and, whenever they require user verification (as a passwordless login should), that the User Verified flag is set as well. A response with the wrong flags must be rejected even if its signature is valid.
- Cross-site request forgery attacks: In this type of attack, an attacker tricks the victim's browser into submitting an authentication or registration response on the attacker's behalf. If this can be applied to the functionality for adding a new Passkey to an existing account, the attacker can add their own Passkey to the victim's account and take it over. WebAuthn is not designed to protect against this by itself, so the endpoint that adds a Passkey needs the usual anti-CSRF protection, and each challenge should be bound to the authenticated session that requested it.
- Missing counter check: To detect cloned authenticators, an authenticator sends a signature counter that increases with every assertion. If a relying party receives a counter that did not increase (for example 17, then 11, then 18), it knows it may be dealing with a cloned authenticator. Skipping this check makes it easier for attackers to use cloned authenticators. One caveat: the specification treats a counter of zero on both sides as 'no counter supported', which is what many synced Passkey providers report, so the check only detects clones of authenticators that actually implement a counter.
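The checks in the list above, and the key pair and challenge signing described under "How exactly does a Passkey work?", as an added example that is not part of the original post or of the research it describes: a minimal relying-party verification of a WebAuthn assertion in Go, with a constructed stand-in for the browser and authenticator so that it runs offline. It assumes ECDSA P-256 credentials, no extensions and no attestation, and the names VerifyAssertion, SignAssertion, example.com and the challenge string are illustrative. It also binds the challenge to the session, the mitigation the CSRF item calls for.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/binary"
	"encoding/json"
	"fmt"
)

const flagUP, flagUV = 0x01, 0x04 // User Present / User Verified bits of the flags byte

type Assertion struct { // the parts of an authenticator response the relying party checks
	AuthData       []byte // rpIdHash(32) || flags(1) || signCount(4); no extensions in this example
	ClientDataJSON []byte // {"type":"webauthn.get","challenge":"...","origin":"..."}
	Signature      []byte // ECDSA P-256 (ASN.1) over authData || SHA-256(clientDataJSON)
}

type Credential struct { // what the relying party stored for this user at registration
	PublicKey *ecdsa.PublicKey
	SignCount uint32
}

type clientData struct {
	Type      string `json:"type"`
	Challenge string `json:"challenge"`
	Origin    string `json:"origin"`
}

// signedDigest is the value the authenticator signs: SHA-256(authData || SHA-256(clientDataJSON)).
func signedDigest(authData, clientDataJSON []byte) []byte {
	cdHash := sha256.Sum256(clientDataJSON)
	d := sha256.Sum256(append(append([]byte{}, authData...), cdHash[:]...))
	return d[:]
}

// VerifyAssertion runs the relying-party checks from the risk list. expectedChallenge is the
// challenge issued to this very session; that binding stops a response minted elsewhere being reused.
func VerifyAssertion(cred *Credential, a Assertion, rpID, origin string, expectedChallenge []byte, requireUV bool) error {
	var cd clientData
	if err := json.Unmarshal(a.ClientDataJSON, &cd); err != nil {
		return fmt.Errorf("clientDataJSON: %w", err)
	}
	if cd.Type != "webauthn.get" {
		return fmt.Errorf("wrong ceremony type %q", cd.Type)
	}
	if cd.Challenge != base64.RawURLEncoding.EncodeToString(expectedChallenge) {
		return fmt.Errorf("challenge mismatch")
	}
	if cd.Origin != origin { // origin confusion: the browser wrote the page origin here
		return fmt.Errorf("origin mismatch: %s", cd.Origin)
	}
	if len(a.AuthData) < 37 {
		return fmt.Errorf("authenticatorData too short")
	}
	if h := sha256.Sum256([]byte(rpID)); !bytes.Equal(a.AuthData[:32], h[:]) {
		return fmt.Errorf("rpIdHash mismatch")
	}
	if a.AuthData[32]&flagUP == 0 {
		return fmt.Errorf("user presence flag not set")
	}
	if requireUV && a.AuthData[32]&flagUV == 0 {
		return fmt.Errorf("user verification flag not set")
	}
	if !ecdsa.VerifyASN1(cred.PublicKey, signedDigest(a.AuthData, a.ClientDataJSON), a.Signature) {
		return fmt.Errorf("invalid signature")
	}
	// A counter that does not increase points to a cloned authenticator; both values zero
	// means this authenticator does not implement a counter at all, so the check is skipped.
	count := binary.BigEndian.Uint32(a.AuthData[33:37])
	if (count != 0 || cred.SignCount != 0) && count <= cred.SignCount {
		return fmt.Errorf("signature counter did not increase (%d -> %d)", cred.SignCount, count)
	}
	cred.SignCount = count
	return nil
}

// NewAuthenticatorKey is the per-credential key pair a device creates at registration.
func NewAuthenticatorKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// SignAssertion is a constructed stand-in for browser plus authenticator so the example runs offline.
func SignAssertion(key *ecdsa.PrivateKey, rpID, origin string, challenge []byte, flags byte, count uint32) (Assertion, error) {
	rpHash := sha256.Sum256([]byte(rpID))
	authData := make([]byte, 37)
	copy(authData, rpHash[:])
	authData[32] = flags
	binary.BigEndian.PutUint32(authData[33:], count)
	cdj, _ := json.Marshal(clientData{"webauthn.get", base64.RawURLEncoding.EncodeToString(challenge), origin})
	sig, err := ecdsa.SignASN1(rand.Reader, key, signedDigest(authData, cdj))
	return Assertion{authData, cdj, sig}, err
}

func main() {
	key, _ := NewAuthenticatorKey()
	cred := &Credential{PublicKey: &key.PublicKey} // what registration stored
	ch := []byte("constructed-challenge-for-this-session")
	good, _ := SignAssertion(key, "example.com", "https://example.com", ch, flagUP|flagUV, 1)
	fmt.Println("legitimate login:", VerifyAssertion(cred, good, "example.com", "https://example.com", ch, true))
	fmt.Println("same assertion replayed:", VerifyAssertion(cred, good, "example.com", "https://example.com", ch, true))
	phish, _ := SignAssertion(key, "example.com", "https://evil.example", ch, flagUP|flagUV, 2)
	fmt.Println("origin confusion:", VerifyAssertion(cred, phish, "example.com", "https://example.com", ch, true))
}
```

The order of the checks matters less than their completeness: every early return corresponds to one item in the list, and the counter is only persisted once the signature has been verified, so a rejected response never moves the stored counter. A production relying party would additionally parse the full authenticator data (including extensions), accept a list of allowed origins, and support the other COSE key types; none of that changes the shape of the checks shown here.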
Practical risks
Not only have we identified the risks associated with Passkeys, but we have also examined to what extent these problems actually occur in practice. We investigated five relying parties. During the investigation, we found one relying party vulnerable to Origin confusion, while three other parties did not correctly verify user presence and user verification. We also encountered an application that did not check the signature counter. Naturally, we informed the affected parties about the discovered vulnerabilities and provided solutions to resolve the identified issues.
Implementing Passkeys safely in your organization
We see a promising future where more and more organizations will use Passkeys. Are you curious whether your organization is using Passkeys securely? At Computest Security, we can conduct a comprehensive security assessment to evaluate the safety of your implementation. Don't hesitate to contact our WebAuthn specialists via our contact form for more information or email [email protected].
Research in collaboration with a talented student
At DEFION Security, we encourage innovation in security technologies. In collaboration with academic institutions, we support research into new developments, such as Passkeys. Over the past six months, Peizhou Chen from the University of Twente has conducted his master’s thesis on this topic at DEFION Security under the supervision of Matthijs Melissen.
Dive deeper into the details
All information about the research is detailed in Peizhou Chen’s master’s thesis, available via this link.
At DEFION Security, we are proud of our collaboration with academic institutions to support research on current cybersecurity topics.
