Windows Hello for Business Security Analysis and Authentication Protocol Deep Dive - Lecture 10

x33fcon via YouTube

Overview

Explore the internals and security aspects of the Windows Hello for Business (WHFB) authentication protocol in this 41-minute conference talk from x33fcon. Dive deep into how WHFB credentials function within Azure AD, examining key provisioning processes, technical components, and token requirements. Learn about the different WHFB flavours, including Azure AD native and hybrid implementations, PIN setup procedures, and cloud Kerberos trust mechanisms. Discover the identified vulnerabilities, attack vectors such as device code phishing, and lateral movement possibilities within WHFB environments. Understand the implications of key storage, registration processes, and SSO data manipulation while analyzing the security consequences of Kerberos Key Trust and TGT upgrade mechanisms.

Syllabus

Intro
Windows Hello (for Business)
Windows Hello for Business key points
Windows Hello for Business flavours
Azure AD native WHFB
Azure AD WHFB provisioning - PIN setup
WHFB Provisioning - technical components
WHFB Provisioning - token requirements
WHFB provisioning response
Signed assertion with WHFB private key
Analyzing WHFB security
Analyzing key provisioning
Key provisioning flaws
Attack schematics
Get token with SSO data
Provisioning a new WHFB key
WHFB key storage
Registering WHFB keys directly on users
Registering a new WHFB key
Attack method: device code phishing
Alternative scenarios
WHFB Hybrid
WHFB Cloud Kerberos Trust
Lateral movement with WHFB
Request PRT for hybrid user
TGT Upgrade reply
Kerberos Key Trust consequences
Windows Hello for Business - conclusions

Taught by

x33fcon
