Avoiding storing ceremony challenge by signing it when sending to client?

39 views
Skip to first unread message

Rick Mann

unread,
Mar 17, 2024, 8:20:41 PMMar 17
to FIDO Dev (fido-dev)
I have a WebAuthn question that might be in the weeds a bit. Passkeys have two operations: Registration and Sign In (Authentication). Both a have two steps: Step 1) request a challenge (some random data) from the server, and Step 2) sign it with your private key, and return the challenge and signature to the server.

The server then compares the challenge with the one it generated in Step 1, and verifies the signature. I don’t want to store that generated challenge from Step 1, so I'm thinking this would work:

In Step 1, the server generates the challenge and a short expiry date for it, signs both of those together, and sends them to the client along with the signature.

The client sends back this whole bundle along with its WebAuthn signature, and the server then validates the challenge and the WebAuthn signature.

Is this less secure than storing it on the server? I think it’s just like a JWT, so it should be just as secure, right?

Adam Langley

unread,
Mar 18, 2024, 11:25:37 AMMar 18
to FIDO Dev (fido-dev), Rick Mann
If the server is stateless, then the assertion response could be used multiple times until the challenge expires. Perhaps the challenge expires quickly enough that you don't care, although it can be difficult to be that strict when using conditional UI, where the login form can be outstanding for a long time.

There are many ways to handle challenges, and each may be considered reasonable in certain contexts (esp if the alternative is using passwords). The specs tend to suggest the simple & safe options.


Cheers

AGL
Reply all
Reply to author
Forward
0 new messages