Plans for importing keys (PIV, FIDO2, maybe using bip39?)

[colemickens]

Hi.

I'm curious what plans there are for importing keys, particularly into the (future) PIV app? And as a bonus, into the FIDO2 app, even on a non-hacker device?

Ledger (the crypto wallet) devices can reconstitute some keys from the device's core bip39 recovery phrase, and can do so for FIDO2 as well (to my understanding, upon restore they set the FIDO2 counters to current date to allow for "migrating" keys without violating rollback counters (not sure how this pans out in the real world, maybe that triggers some other detection)).

Maybe solo2 could have a solo2 provision --bip39-recovery "./config.toml":

• takes the bip39 recovery phrase on the terminal in some form, most try to do something fancier than just having the user type it (type it out of order, somehow on a more secure device, etc)
• takes a config toml file that specifies parameters for regenerating PIV keys and certificates (key type, size, extra parameters, date to lock in, etc)
• now the user can checkin their config file to their dotfiles/life-monorepo, and then one-shot configure their solo2 key
• maybe the config file could also take extra stuff - if the ndef payload is meant to be configurable, or if it is meant to holder owner information, etc

solo2-cli could be statically compiled and paired with ephemeral OS, etc.

Now devices are somewhat fungible, especially if FIDO2 root key could be restored as well.

For me, maybe the best outcome is it would give me an instantaneous answer for the 2FA-detractors that inevitably inquire about the scenario where they've lost all security devices, or failed to rotate them in a continuous fashion to retain access. Asking a user to save one really important recovery phrase might be easier than telling them they have to have a continuous chain of security keys that they also have to ensure they rolling-re-key across ... dozens of services. But also I strongly suspect that FIDO2 probably demands that this is not possible.

(just in case, I'm still interested in this idea even sans-FIDO2)

[colemickens]

related: https://0xcc.re/2022/02/01/dangerous-toys-anything-to-ed25519-ssh-keys.html

That could be ported to Rust; the bip39 passphrase, plus a key identifier (for the 3 different needed keys), plus an "optional password" could be the input to a similar bit of code in Rust, then use (planned PIV import functions on the Solo2) to import the key/cert.

[colemickens]

also relevant, prior art of ed25519 + HD + rust:

• https://github.com/typed-io/rust-ed25519-bip32
• https://docs.rs/iop-keyvault/latest/iop_keyvault/
• https://docs.rs/ed25519-bip32/latest/ed25519_bip32/

[nickray]

FIDO keys are not supposed to be cloned, so if anything it will be something highly experimental like the DiceKeys stuff for Solo 1.

[colemickens]

Ack, I've mostly accepted that this idea would be useful for PIV/GPG but not likely not very useful for FIDO2. I'm still interested, but it probably makes more sense to be an external tool. Hoping to get something going to and get PIV support staged up for when the piv app for solo2 is ready. :)

edit: wow this was full of typos. I'm not as interested in the FIDO2 bit and think the provisioning of GPG/PIV can be done in a tool other than solo2-cli.

[nickray]

In case you haven't seen it, there's also this proposal: https://www.yubico.com/blog/yubico-proposes-webauthn-protocol-extension-to-simplify-backup-security-keys/

However... it would need all clients (e.g. browsers) to buy in, so I'm not optimistic.

[shimunn]

Well it's sort of an chicken and egg problem once again, if no key supports it then no website has to bother either an vice versa.

[nickray]

Here's the idea I'm personally pursuing (response in matrix to the same question):

--

that's not planned... with the certified identity + agreement keys (https://docs.rs/solo2/latest/solo2/pki/index.html) in the devices, one thing i've been pondering (mostly for PIV though) is device-to-device transfers, so say at device reset you could configure enabling exports to a list of other devices. and then "sync" one key into another periodically. both this (adapted to FIDO) and initial seed injection are off the certifiable path for FIDO though in any case.

but there are more pressing issues with the FIDO app currently :)