SAN FRANCISCO – One would hope the cybersecurity duo of FIDO2 and single sign-on (SSO) protections would be enough to ensure safe and secure access to business resources. But they are not, particularly when a phishing ploy or an insecure Wi-Fi hotspot exposes a target to a man-in-the-middle (MitM) attack.
“A determined adversary that has compromised a target’s communications can take advantage of a security gap when launching a session ID. FIDO2 and SSO authenticate the user, but my research shows the session token can be used in a MitM attack to gain access to protected resources like an Azure Management Console or Slack — you name it,” Dor Segal, senior security researcher at Silverfort, said.
In the video below, Segal walks SC Media’s Tom Spring through his RSA Conference session titled “Beginner’s Guide to Bypassing Modern Authentication Methods to SSO,” delivered Monday.
Bypass synopsis: Spelling out the details
The adversary must first position themselves as a man-in-the-middle and intercept communication between the victim and the authentication service or SSO provider. That position is typically gained through network placement, such as sharing an unsecured Wi-Fi network with the victim, compromised network infrastructure, or a phishing attack that routes the victim's traffic through attacker-controlled infrastructure.
Intercepting SSO traffic: During the single sign-on process, when a user authenticates via an identity provider (such as a corporate SSO that integrates FIDO2), a session token is generated and sent to the user's client. This token proves the user's authentication status to the various services the user then accesses.
The attacker intercepts this session token by capturing the network traffic. Because the token normally travels inside a TLS connection, passive sniffing is not enough: the attacker has to get at the plaintext, for example by exploiting SSL/TLS weaknesses to downgrade the encryption, by terminating TLS on compromised network equipment, or by having the victim connect through an attacker-controlled endpoint.
Exploiting the session token: Once the attacker has the session token, they can replay it to impersonate the user, gaining unauthorized access to the user's sessions with various web applications. This works because the application checks the token on each request, not the FIDO2 authentication that originally produced it; the token alone serves as proof of identity and authorization.
In more sophisticated attacks, an adversary who has also captured a refresh token can present it to the identity provider to request new session tokens, allowing the attacker to maintain access after the original token expires.
Continuation of the attack: The attack can persist as long as the refresh token remains valid, or until the user or the system revokes the compromised session or refresh tokens. This gives the attacker sustained access to the user's applications and data.
Preventing the attack
To mitigate this type of attack, where session tokens are intercepted and replayed by an attacker, one effective method is to implement Token Binding. Token Binding is a security protocol that ties security tokens to the TLS layer: the token is bound to a key pair held on the user's device and proven on that device's TLS connection, so the same token presented over any other connection is rejected.
Token Binding works to mitigate such attacks, but it only takes effect when both the SSO provider's service and the user's browser support it. Where that is the case it adds a critical layer of protection, particularly against MitM attacks.
Implementation of Token Binding in browsers
When Token Binding proposals were introduced, they saw limited enthusiasm and support.
Google Chrome initially supported Token Binding but later removed it around version 70. The removal was primarily due to low adoption across the web and the complexity it added to the web infrastructure. Microsoft recently added support for Token Binding in its Edge browser, just months after Silverfort and Segal privately shared their bypass research with Microsoft.
Other security measures and protocols offer similar session token protection, such as DPoP (Demonstrating Proof of Possession, RFC 9449), an OAuth extension that binds an access token to a key held by the client and requires a fresh signed proof with every request.
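The replay described in the bypass synopsis above, and the sender-constrained defence described here, side by side. This is an added example and not code from Silverfort, Segal, or the page; it models a DPoP-style proof-of-possession check (a JWK thumbprint binding and a per-request ECDSA-signed proof) rather than TLS-layer Token Binding, because the latter needs a TLS extension a script cannot show. The opaque tokens, the in-memory stores, the example URL and the function names issueToken, makeProof and authorize are assumptions for the demo.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"math/big"
)

var b64 = base64.RawURLEncoding

// jwkThumbprint is the RFC 7638 thumbprint of a P-256 public key: SHA-256 over
// the canonical JSON {"crv","kty","x","y"} with members in lexicographic order.
func jwkThumbprint(pub *ecdsa.PublicKey) string {
	x := b64.EncodeToString(pub.X.FillBytes(make([]byte, 32)))
	y := b64.EncodeToString(pub.Y.FillBytes(make([]byte, 32)))
	canon := fmt.Sprintf(`{"crv":"P-256","kty":"EC","x":"%s","y":"%s"}`, x, y)
	h := sha256.Sum256([]byte(canon))
	return b64.EncodeToString(h[:])
}

// binding is what the server remembers for each issued opaque token (constructed store).
type binding struct{ sub, jkt string }

var issued = map[string]binding{} // token -> binding
var seenJTI = map[string]bool{}   // proof IDs already accepted (replay cache)

// issueToken hands out an opaque token. With pub == nil it is a plain bearer
// token; otherwise it is bound to the thumbprint of the client's key.
func issueToken(sub string, pub *ecdsa.PublicKey) string {
	raw := make([]byte, 16)
	rand.Read(raw)
	tok := b64.EncodeToString(raw)
	jkt := ""
	if pub != nil {
		jkt = jwkThumbprint(pub)
	}
	issued[tok] = binding{sub, jkt}
	return tok
}

// proofClaims is the signed part of a DPoP proof: method, URL, unique ID, token hash.
type proofClaims struct{ Htm, Htu, Jti, Ath string }

type dpopProof struct {
	Claims proofClaims
	X, Y   []byte // client public key (the "jwk" header of a real proof)
	Sig    []byte // ECDSA signature over the JSON-encoded claims
}

// makeProof is what the legitimate client does per request with its private key.
func makeProof(priv *ecdsa.PrivateKey, method, url, token string) dpopProof {
	ath := sha256.Sum256([]byte(token))
	jti := make([]byte, 12)
	rand.Read(jti)
	c := proofClaims{Htm: method, Htu: url, Jti: b64.EncodeToString(jti), Ath: b64.EncodeToString(ath[:])}
	msg, _ := json.Marshal(c)
	digest := sha256.Sum256(msg)
	sig, _ := ecdsa.SignASN1(rand.Reader, priv, digest[:])
	return dpopProof{Claims: c, X: priv.X.Bytes(), Y: priv.Y.Bytes(), Sig: sig}
}

// authorize is the resource server. A bearer token is accepted on sight (the
// replay in the article succeeds); a bound token also needs a valid, unreplayed
// proof for this exact request, signed by the key the token was bound to.
func authorize(method, url, token string, proof *dpopProof) (string, error) {
	b, ok := issued[token]
	if !ok {
		return "", errors.New("unknown token")
	}
	if b.jkt == "" {
		return b.sub, nil // bearer: whoever holds the token is the user
	}
	if proof == nil {
		return "", errors.New("bound token presented without proof")
	}
	pub := &ecdsa.PublicKey{Curve: elliptic.P256(), X: new(big.Int).SetBytes(proof.X), Y: new(big.Int).SetBytes(proof.Y)}
	if jwkThumbprint(pub) != b.jkt {
		return "", errors.New("proof key does not match token binding")
	}
	msg, _ := json.Marshal(proof.Claims)
	digest := sha256.Sum256(msg)
	if !ecdsa.VerifyASN1(pub, digest[:], proof.Sig) {
		return "", errors.New("bad proof signature")
	}
	ath := sha256.Sum256([]byte(token))
	if proof.Claims.Htm != method || proof.Claims.Htu != url || proof.Claims.Ath != b64.EncodeToString(ath[:]) {
		return "", errors.New("proof not for this request or token")
	}
	if seenJTI[proof.Claims.Jti] {
		return "", errors.New("proof replayed")
	}
	seenJTI[proof.Claims.Jti] = true
	return b.sub, nil
}

func main() {
	victim, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	attacker, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	const api = "https://api.example.test/messages" // constructed URL
	bearer := issueToken("alice", nil)
	fmt.Println(authorize("GET", api, bearer, nil)) // captured bearer token replays as alice
	bound := issueToken("alice", &victim.PublicKey)
	p := makeProof(victim, "GET", api, bound)
	fmt.Println(authorize("GET", api, bound, &p)) // legitimate request passes
	fmt.Println(authorize("GET", api, bound, &p)) // captured token + captured proof: replayed
	q := makeProof(attacker, "GET", api, bound)
	fmt.Println(authorize("GET", api, bound, &q)) // attacker's own key: thumbprint mismatch
}
```

The point the demo makes is the one Segal's research turns on: with a bearer token, possession is authorization, so whatever the MitM captures is reusable as-is. With a bound token the attacker still captures the token and a proof, but the proof is tied to one request and one `jti`, and minting another requires the private key that never left the victim's device. A refresh token handled the same way is likewise useless without that key.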
Segal recommends that infosec professionals work with their SSO providers to make sure that Token Binding, or another form of token protection, is in place to prevent the session token theft that can lead to massive breaches.