Windows Companion Devices for Login
-
At the most recent Build conference Microsoft introduced this concept for logging into Windows 10 machines:
https://msdn.microsoft.com/en-us/windows/uwp/security/companion-device-unlockThe key things needed to make it work are:
-A Universal Windows Platform (UWP) companion device app for the companion device, downloaded from the Windows app store.
-The ability to create two 256 bit HMAC keys on the companion device and generate HMAC with it (using SHA-256).
-Security settings on the Windows 10 desktop properly configured. The Companion Authentication Service will require this PIN to be set up before any companion device can be plugged into it. The users must set up a PIN via Settings > Accounts > Sign-in options.Is it possible to create a ring that could support the HMAC requirements?
-
Huh?
We're doing a SSSS to overcome the security team's concerns. Have you been briefed from last Friday's conference call with the team?
Are you with MS?
-
By SSSS I assume you mean Shamir's Secret Sharing Scheme?
No I was not on any conference calls and I do not work for microsoft directly. I am just a windows developer with friends/contacts there. I typically try to bridge the gap when I find interesting technology that does not have full Windows App support and NFC ring is my new toy.
I was a little quick to post this question. After reading a little more it seems like it will be pretty simple to create a UWP App utilizing the new Companion Device API to unlock windows 10 devices. Potentially just utilizing the UID of the ring. However the Companion Device API is not a completely public API meaning you need to email microsoft and get registered to get approval to utilize it. I briefly read some posts and the kickstarter page that currently exists for creating something similar but I am not really aware of what technology is being used to do it. If there are no plans for you guys to try this any time soon then I was going to attempt to get registered for creating a generic UWP NFC app that lets you unlock windows utilizing the UID of any NFC device (which of course includes the ring). This is still all in the pre-release phase but microsoft is going to release it publicly with the Anniversary Update which i believe is happening sometime in early August.