Macaroons are bearer credentials that implement flexible, cryptographically sound authorization and enable fast, stateless enforcement of arbitrary authorization policies without phoning home to single sign-on or other auth servers.
FIDO Universal Second Factor (U2F) is a widely deployed open standard for simple and inexpensive cryptographic hardware devices that provides an easy second factor for authentication.
This talk will provide an introduction to Macaroons and U2F, explain their cryptographic construction, and describe an open source project that combines them to provide an authentication and authorization system that completely eliminates phishing and defends against man-in-the-middle attacks.
Jonathan leads development of Flynn, an open source platform as a service that hosts apps and databases. Before starting Flynn, Jonathan was a security consultant, participated in various bug bounty programs, and co-architected Tent, an open, decentralized communication and storage protocol.