MA: Security Analysis of FIDO Device Onboarding Protocol

Abstract:

The FIDO Device Onboard (FDO) protocol is a zero-touch onboarding protocol designed to securely onboard devices. It is crucial to ensure that the protocol remains secure against potential risks. This thesis provides a detailed security analysis of the FDO protocol. The study primarily identifies potential attack scenarios related to Concise Binary Object Representation (CBOR) and CBOR Object Signing and Encryption (COSE), which are integral to the protocol. Security attacks and misconfiguration tests are conducted to identify possible threats. The thesis compares Intel’s FDO protocol reference implementation with DEVITY’s FDO implementation in KEYNOA. The findings highlight security gaps at the implementation level, and mitigation measures are proposed.