Different PRF output when using platform or cross-platform authentication attachment

Hello,

I am using the PRF extension for passkeys that is available since iOS 18 and macOS 15. I am using a fixed, hardcoded PRF input when creating or getting the credentials. After creating a passkey, I try to get the credentials and retrieve the PRF output, which works great, but I am getting different PRF outputs for the same credential and same PRF input in the following scenarios:

  1. Logging in directly (platform authenticator) on my MacBook/iPhone/iPad, I get "prf output X" consistently on all 3 devices.

  2. When I use my iPhone/iPad to scan the QR code on my MacBook (cross-platform authenticator), I get "prf output Y" consistently with both my iPad and iPhone.

Is this intended? Is there a way to get deterministic PRF output for both platform and cross-platform authentication attachments while using the same credential and PRF input?

Answered by Systems Engineer in 826557022

Yes, this was a bug. The PRF values returned over hybrid should match the ones returned locally for the same input. This issue should be fixed in the current iOS 18.4 and macOS 15.4 betas.

We can still reproduce what looks like the same issue on current builds.

Filed with Apple as: FB22434584

We reproduce it in our app, and it is also reproducible using Corbado’s public PRF demo: https://webauthn-passkeys-prf-demo.explore.corbado.com/

Environment

  • iPhone on iOS 26.3.1(a)
  • Chrome 146.0.7680.153 on Windows 10

For the same passkey / same credential and same PRF input, we get different PRF results depending on same-device vs cross-device / hybrid authentication.

Relevant excerpts from the demo:

Registration (Windows / Google Password Manager)

  • credential id: Dbsf2W...
  • rawId: Dbsf2W...
  • PRF result: 07f318...

Same-device auth (Windows)

  • credential id: Dbsf2W...
  • rawId: Dbsf2W...
  • PRF result: 07f318...

Cross-device / hybrid auth (iOS QR auth -> Windows)

  • same credential id: Dbsf2W...
  • same rawId: Dbsf2W...
  • PRF result: 2444f1...

The request parameters are otherwise the same:

  • same RP ID
  • same allowCredentials
  • same userVerification: required
  • same PRF input (prf.eval.first, value "Corbado")

Also importantly, the very same credential, when used locally / same-device, produces the same PRF result as registration. The mismatch only appears on the cross-device / hybrid path.

This looks like the same bug class discussed here: same credential + same PRF input, but different PRF output for local vs hybrid authentication.

I appreciate it is possible that other stack components may also be involved, but I wanted to check whether this is believed to be fully fixed on current builds.
