Advanced Topics

Challenge Expiration

While the lifespan of a challenge is not explictly defined in the U2F protocol, it is good practice to treat challenges older than X minutes as expired. The ideal lifespan of a challenge depends on the latency of the connection as well as the ammount of time permitted to a user to interact with their U2F authenticator.

Device counters

U2F devices sends an incrementing usage counter to the server upon authentication. This counter is stored internally by the U2F authenticator and increments on each authentication event. The U2F library uses this counter to prevent the use of cloned devices, comparing the counter submitted by U2F authentcator against the value submitted during the last successful authentication event for that U2F device. For this protection to work, you have to persist the device info after each authentication. However, all U2F compatible devices by Yubico uses tamper-resistant Secure Elements designed to mitigate attempts to clone the device.

Handling counter errors

If the U2F usage counter ever decrements, the device should be considered compromised and likely has been cloned. The best way to handle this depends on the application, the sensitivity of the user data protected, and the risk the permissions in the associated account have to other accounts and users. Relying Parties should treat such a counter error in the same manner as a compromised account, and follow established practices for locking down further unauthorized access. NIST’s Digital Identity Guidelines offer a well documented framework for responding to compromised accounts in the event such policies are not yet defined.