Research Article
Security Analysis and Bypass User Authentication Bound to Device of Windows Hello in the Wild
Table 1
Main functions used in the Windows Hello login process. We focus on the role that each function plays in the login process.
| Module | Function | Descriptions |
| BCrypt.dll | BcryptDeriveKeyPBKDF2 | Derive a key encryption key through hashing for PIN or | Crypt32.dll | CryptUnprotectDataNoUI | Decrypt all private keys with key encryption keys derived from BcryptDeriveKeyPBKDF2 function | NCrypt.dll | NcryptOpenKey | Generate key handler based on a key name | CryptSvc.dll | NgcDecryptData | Decrypt the authentication data for a device login | NgcCtnr.dll | DecryptPkcs1 | Decrypt with the first private key managed by the software key storage provider | SignHashPkcs1 | Sign challenge with the fourth private key for application login |
|
|