This blog post is part 1 in a series of blog posts.
- NIST Passkeys Supplementary Guidelines: 2024 Part 1.
- NIST Passkeys Supplementary Guidelines: 2024 Part 2 Implementation.
NIST recently published a supplement providing guidance on the use of FIDO2 Passkeys, particularly syncable passkeys. This is a welcomed contribution to the community, providing much-needed clarity on how syncable passkeys can meet NIST AAL standards.
The original NIST digital identity guidelines for authentication 800-63B were first published in 2017, and since then, there’s been rapid advancement in authentication factors, particularly FIDO2 passkeys. Organizations typically use 800-63B as a policy reference, and NIST recognized their role in ensuring that their guidelines keep up with advancements. NIST has opted for a supplement paper to build on the authoritative 800-63B guidelines.
NIST has just completed a public consultation on SP 800-63-4 the draft update to SP 800-63 but felt it was necessary to provide guidance in an expedient manner via the supplement, as opposed to waiting for SP 800-63-4 to be finalized
In the first part of our analysis, we focus on the key changes and clarifying statements made in the supplementary publication. In a subsequent post, we dive deeper into the implementation recommendations and summarize the threat model and challenges with syncable passkeys.
What is an AAL?
NIST AAL, or NIST Authentication Assurance Level, refers to the guidelines set by the National Institute of Standards and Technology (NIST) for the assurance levels related to authentication processes in identity systems. These levels are part of the NIST Special Publication 800-63, which covers digital identity guidelines.
Here's a brief overview of the three Authentication Assurance Levels:
- AAL1: Provides some assurance that the claimant controls an authenticator bound to the subscriber's identifier. This level allows for single-factor authentication, such as a password or a PIN.
- AAL2: Provides high confidence that the claimant controls an authenticator bound to the subscriber's identifier. This level requires two different factors, which could be a combination of something you know (password), something you have (security token), or something you are (biometrics).
- AAL3: Provides very high confidence that the claimant controls an authenticator bound to the subscriber's identifier. This level requires the use of a hardware-based cryptographic authenticator and another factor. It is suitable for applications requiring a high level of security and fraud risk mitigation.
Key Takeaways
1. Syncable Passkeys Achieve AAL2
The supplement concludes that correctly configured syncable passkeys can provide a high level of confidence in meeting AAL2 requirements.
2. “Syncability” - Update on the Allowance of Cloning Authentication Keys
From the Supplement
In SP 800-63B, Section 5.1.8.1, Multi-Factor Cryptographic Software Authenticators, restricts the ability of an authenticator to “clone” a cryptographic authentication key from one device to another. Specifically, it states:
💡 Multi-factor cryptographic software authenticators SHOULD discourage and SHALL NOT facilitate the cloning of the secret key onto multiple devices.
The supplement now clarifies and recognizes that when configured and secured correctly, synchronization of cryptographic material across a “sync-fabric” is allowed, and the statement in 5.1.8.1 is superseded by the publication of the supplement (22nd April 2024). This requirement is also removed in the upcoming revised SP 800-63-4 document. It’s also recognized that sycnabiltiy is one of the key user experience traits of a synced passkey and should be viewed as a net positive when properly implemented.
The supplement further states the requirements to allow for “cloning/syncability” through the “General requirements for all uses of syncable authenticators.” Some of the key requirements include ensuring that the sync-fabric has an AAL2 assurance level on its own access controls and that the cryptographic operation is always performed locally on the device.
In addition to the general requirements, the supplement adds further requirements for the federal use of passkeys, with key requirements like ensuring end-point devices have mobile device management (MDM) and recommending enterprise attestation when it comes to the use of synced passkeys.
View the full list of requirements in the supplement “Incorporating Syncable Authenticators Into NIST SP 800-63B’
What is a sync-fabric?
The supplement’s glossary states that a sync-fabric, is - Any on-premises, cloud-based, or hybrid service used to store, transmit, or manage authentication keys generated by syncable authenticators that are not local to the user’s device.
In the world of synced passkeys, consumers commonly refer to this as their credential manager, such as iCloud Keychain and Google Password Manager. Other non-OS credential managers, like Dashlane, LastPass and Bitwarden also now offer syncability across their credential manager offerings.
Round-up
To round up the first part of our analysis, we at Authsignal feel it’s a great step forward in getting clarity on the syncable passkeys that fit into NIST’s digital identity guidelines. It’s also appreciated that NIST has provided risk-based general requirements and specific federal requirements.
In part 2 of our analysis, we touch on NIST’s implementation considerations, which further adds nuance and a risk-based lens to which FIDO2 Passkeys functionality is the most appropriate depending on context. We welcome such attention to detail.
Authsignal is a member of the FIDO alliance and is actively helping organizations uplift their customer account security and experience by adopting passkeys. We offer a range of drop-in solutions that have been tuned for the consumer and have seen incredible results on nationwide demographics and critical customer services.
.svg)
.png)
