fido-alliance / how-to-fido

How To FIDO
https://fido-alliance.github.io/how-to-fido/HowToFIDO.html

Not-user-verifying Platform Authenticator #20

Open keikoit opened 4 years ago

keikoit commented 4 years ago

In the table "Physical manifestation of the authenticator" in "1. Overview", there is a mention of a Not-user-verifying Platform Authenticator as defense-in-depth against malware. In the note, there is the following explanation: "This combination is mostly applicable in enterprises that require frequent malware-resistant credential refreshes, but is not covered in this guide."

What is a Platform Authenticator without User Verification, for example? Also, what specific use cases and assumptions do companies that need to refresh their malware-resistant credentials frequently have? It would be greatly appreciated if you could give us a supplementary explanation.

Kieun commented 4 years ago

You can imagine that you just click some hardware buttons (to get consent securely from the user or prove user presence rather than verifying the user) to generate a fresh signature for authentication, authorization or others. E.g., the Android platform has a feature called Android Protected Confirmation.

maxhata commented 4 years ago

You mean this?

https://android-developers.googleblog.com/2018/10/building-titan-better-security-through.html

Providing backing for the Android Strongbox Keymaster module, including Trusted User Presence and Protected Confirmation. Titan M has direct electrical connections to the Pixel's side buttons, so a remote attacker can't fake button presses. These features are available to third-party apps, such as FIDO U2F Authentication.

I wonder if there is any public document describing the same for iPhone.

Since not many readers know about this feature, I think we need to add a footnote to briefly describe what the description in the table means.
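Added example (not part of this thread or of the How To FIDO guide): how a relying party can tell the presence-only case described in Kieun's reply from a user-verified one, by reading the UP and UV flag bits in WebAuthn authenticator data. The RP ID, the helper names and the sample bytes are constructed for illustration.

```python
import hashlib
import struct
from dataclasses import dataclass

# Flag bits in the authenticator data flags byte (WebAuthn authenticator data layout).
FLAG_UP = 0x01  # user present: a touch or button press was observed
FLAG_UV = 0x04  # user verified: a PIN or biometric check succeeded


@dataclass
class AuthData:
    rp_id_hash: bytes
    user_present: bool
    user_verified: bool
    sign_count: int


def parse_auth_data(raw: bytes) -> AuthData:
    """Parse the fixed header: rpIdHash(32) | flags(1) | signCount(4, big-endian)."""
    if len(raw) < 37:
        raise ValueError("authenticator data shorter than 37 bytes")
    rp_id_hash, flags, sign_count = struct.unpack(">32sBI", raw[:37])
    return AuthData(rp_id_hash, bool(flags & FLAG_UP), bool(flags & FLAG_UV), sign_count)


def classify(raw: bytes, expected_rp_id: str, require_uv: bool) -> str:
    """Return the assurance level of an assertion, or raise if policy is not met."""
    data = parse_auth_data(raw)
    if data.rp_id_hash != hashlib.sha256(expected_rp_id.encode()).digest():
        raise ValueError("rpIdHash does not match this relying party")
    if not data.user_present:
        raise PermissionError("UP flag is clear: no test of user presence")
    if data.user_verified:
        return "user-verified"
    if require_uv:
        raise PermissionError("policy requires user verification, UV flag is clear")
    return "presence-only"  # the not-user-verifying case discussed in this issue


def make_sample(rp_id: str, flags: int, counter: int) -> bytes:
    """Build constructed authenticator data for the demonstration."""
    return hashlib.sha256(rp_id.encode()).digest() + struct.pack(">BI", flags, counter)


if __name__ == "__main__":
    rp = "login.example.test"  # hypothetical RP ID
    print(classify(make_sample(rp, FLAG_UP, 7), rp, require_uv=False))
    print(classify(make_sample(rp, FLAG_UP | FLAG_UV, 8), rp, require_uv=False))
```

A full relying party also verifies the assertion signature and the signature counter; this block covers only the flag check.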