Dropbox announced that it will support the Universal 2nd Factor (U2F) second-factor authentication protocol on computers that use Intel’s Kaby Lake chips. Dropbox had already enabled support for U2F “security keys,” but this solution is meant to be more convenient for most users.
Universal 2nd Factor (U2F)
U2F is a second-factor protocol designed by the Fast Identity Online (FIDO) Alliance, which includes members such as Google, Microsoft, Intel, ARM, Qualcomm, and many other companies.
U2F is an open authentication protocol that acts similarly to a smart card, providing users additional protection in case the credentials for some of their online accounts are stolen. A physical security token or a smart card is currently considered the most secure two-factor authentication method. It ranks above mobile apps such as Google Authenticator or Authy, and above SMS authentication, which NIST has already recommended deprecating because it has proven too insecure.
Increasing Convenience For Two-Factor Authentication
Although using a second-factor security key isn’t all that complicated or frustrating, some users may wish it were a little easier, or that they didn’t have to carry around a USB security key that could get lost.
With Intel’s built-in support for U2F in its latest Kaby Lake chips, physical two-factor authentication may have just become easier to use than even SMS-based two-factor authentication.
Intel said that after U2F support is enabled in Dropbox--or in other apps that support its U2F implementation--users only have to press a button on their computer’s screen to confirm that the U2F public key is generated by the owner of that U2F module and not by a remote attacker trying to access their online account.
“With Intel technologies, we implement the FIDO U2F protocol and are thus FIDO U2F compliant. The external USB key is replaced by a check for user presence that is implemented through a technology called protected transaction display, which renders that screen opaque to malware,” an Intel spokesperson told Tom’s Hardware.
He added that “Instead of inserting an external USB key the user will simply click an ‘ok’ button on the screen to verify user presence and this is what we call the built-in or integrated security key. That screen is protected in Intel's converged system manageability engine (CSME).”
Dropbox Adopts Kaby Lake U2F
Dropbox is now adopting Intel’s “built-in” solution, but, as we’ll soon see, it’s more a convenience improvement over SMS and app-based two-factor authentication than a method as secure as a regular hardware security key, such as a YubiKey.
A Dropbox representative told us via email that the registration process works as follows:
“Dropbox users can register multiple U2F keys (and thus multiple key pairs) for use on Dropbox. The U2F security key is ‘tied’ to the user's account in the following sense: per the standard, during U2F registration, the security key generates a site-specific key pair for Dropbox.
The private key never leaves the security key's hardware. Dropbox ties the public key and a Key Handle (essentially a key identifier) to the user's account. A different security key that has not been registered on the user's account will not have that user's private key and thus cannot be used to sign into the user's Dropbox account.”
The Issue With Dropbox’s (And Other Players') U2F Implementation
As we can see, Dropbox is saying that nobody with a different U2F key can log into your account (even if they had already stolen your Dropbox credentials), because Dropbox will only recognize the private key held in your computer’s built-in U2F component.
So far, so good. The “problem” is that U2F, although an open standard that’s been available for at least the past couple of years, hasn’t been widely adopted yet. That means that if you wanted to log in to Dropbox on a mobile device that doesn’t support U2F, you’d be unable to, because the service can’t verify your laptop’s U2F key from that device.
As a workaround, Dropbox requires users to enable SMS or app two-factor authentication as well. That means SMS/app authentication essentially works in parallel on other devices, alongside the Intel U2F authentication enabled for your Kaby Lake PC.
This is where a security issue may appear, at least if you don’t believe SMS or app authentication is secure enough, and in some cases it isn’t. If Dropbox users can authenticate to their accounts on other devices using a different form of authentication than Intel’s U2F, then an attacker who holds their credentials could use that weaker path just as well. That means the security of the Intel U2F authentication for Dropbox is no better than the security of either SMS or app-based second-factor authentication.
Other players, including Google, implement U2F authentication in a similar way, again because U2F is not yet widely adopted, which makes it hard to require unless it’s available on all of a user’s devices.
Because Dropbox is specifically designed to work on multiple devices to sync files between them, the company isn’t left with much of a choice here. However, if it wanted to make the Intel U2F authentication as secure as normal security key authentication, it could drop the requirement that SMS/app authentication work in parallel and allow users to use U2F as the only second factor.
Combined with the ability to register multiple U2F keys on a Dropbox account, this would let users benefit from the full security of U2F authentication, and only that. Using multiple U2F security keys across the devices that have Dropbox on them is already possible today, and even the mobile Dropbox app could be covered by an NFC-enabled security key such as the YubiKey NEO.
However, there wouldn’t be much point in doing this now if an attacker could still bypass all of those U2F keys with an intercepted SMS code, since SMS/app authentication is mandatory for Dropbox users who enable U2F authentication.
Because the main point of built-in U2F authentication is convenience, Dropbox isn’t likely to change how the feature works, and will likely prefer to wait for U2F authentication to become ubiquitous before it removes the mandatory SMS/app enrollment.
However, as an additional layer of security, it could still send users email notifications whenever a U2F-enabled Dropbox account has been accessed with an alternative second-factor authentication method.
If it’s the account owner doing it, no harm is done by receiving such a notification; Google and other companies already send similar alerts whenever a user logs in from a different location, PC, or browser. However, if it’s an attacker logging in to the user’s account with stolen credentials and an intercepted SMS code, then at least the account owner would be notified about it by email.
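To make the weakest-link argument concrete, here is an added Go model (not Dropbox’s or Intel’s code) of the registration flow Dropbox describes and of a relying party’s second-factor check with and without the SMS/app fallback, including the owner notification suggested above. The appID string, the key-handle format and the SMS code are constructed for this example, and real U2F signs more than the bare challenge used here.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Authenticator models a U2F module (USB key or Kaby Lake CSME); private keys never leave it.
type Authenticator struct{ keys map[string]*ecdsa.PrivateKey }
// Register creates a site-specific P-256 key pair; only handle and public key reach the server.
func (a *Authenticator) Register(appID string) (string, *ecdsa.PublicKey) {
	priv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	handle := fmt.Sprintf("%s:%x", appID, priv.PublicKey.X.Bytes()[:6]) // constructed handle format
	a.keys[handle] = priv
	return handle, &priv.PublicKey
}
// Sign answers a challenge (user-presence check omitted); an unregistered handle cannot be answered.
func (a *Authenticator) Sign(handle string, chal []byte) ([]byte, bool) {
	priv, ok := a.keys[handle]
	if !ok {
		return nil, false
	}
	h := sha256.Sum256(chal)
	sig, _ := ecdsa.SignASN1(rand.Reader, priv, h[:])
	return sig, true
}

// Account is the relying party's view: public keys by handle, the optional SMS/app
// fallback code ("" if none) and security notices queued for the account owner.
type Account struct {
	U2FKeys map[string]*ecdsa.PublicKey
	SMSCode string
	Notices []string
}

// VerifySecondFactor accepts a valid assertion for a registered handle. With u2fOnly false it
// also accepts the SMS code but queues a notice for the owner; with u2fOnly true it refuses it.
func VerifySecondFactor(acct *Account, chal []byte, handle string, sig []byte, sms string, u2fOnly bool) bool {
	if pub, ok := acct.U2FKeys[handle]; ok {
		h := sha256.Sum256(chal)
		return ecdsa.VerifyASN1(pub, h[:], sig) // a bad signature never falls through to SMS
	}
	if u2fOnly || acct.SMSCode == "" || sms != acct.SMSCode {
		return false
	}
	acct.Notices = append(acct.Notices, "login on U2F-enabled account used SMS/app fallback")
	return true
}
```

In parallel mode the SMS path succeeds for anyone holding the code, which is exactly why the account is only as strong as that fallback; the queued notice is the compensating control.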
Ultimately, even SMS two-factor authentication is preferable to not using any two-factor authentication method at all, considering how often we keep seeing data breaches with tens or hundreds of millions of accounts being exposed these days. Therefore, services such as Dropbox that make two-factor authentication more convenient to use through the adoption of the U2F standard could increase its adoption significantly, thus improving the overall security of many more online accounts. The more accounts are protected by two-factor authentication, the less users will be affected by large data breaches, which often expose accounts on other services too, because people tend to reuse their passwords.
Updated, 1/06/2017, 8:10am PT: After further discussions with Dropbox, we've updated the article to point out that other players in the technology industry tend to implement U2F and SMS/app-based authentication in parallel in the same way. However, this author still believes that because of this, the security of the U2F implementation is effectively no better than that of SMS/app-based two-factor authentication. But, as already mentioned, the simple fact that this is more automatic and thus more convenient should increase the overall security across Dropbox's accounts as more users start to enable Kaby Lake U2F authentication.