Yubico Forum

Re: SOLVED: Setting identical static passwords on 2 or more keys

2010-07-08T02:36:05+01:00

JakobE,

I understand the answer behind CryptGenRandom. While the explanation seems reasonable you have to also acknowlege that us, the end users have to trust someone some time and that by the mere fact that we have purchased Yubikeys that we have to trust Yubico in some form or another. If I didn't have the trust (albeit by proxy because of Steve Gibson's endorcement of the product and company) I would not have ordered the YubiKeys I did. To that end it would have been simple to generate the code for a Yubico RNG and make that portion of the software Open Source so it can stand up to the scrutiny of the implementers and users of the keys. Also I think that Steve Gibson would be more than happy to license the code to his Passwords site to Yubico for the purpose of the RNG.

Allowing us to paste a known, high entropy 32 byte hex string would be an outstanding feature. I'd love to try it out.

I belive that the reason for these forums is in fact to have that feedback loop to Yubico and to other users that might have the answers that we seek. So yes I would love to test and feedback the hardware & the new config tool to you and to this forum.

Statistics: Posted by WinstonWolf — Thu Jul 08, 2010 2:36 am

Re: SOLVED: Setting identical static passwords on 2 or more keys

2010-07-04T00:00:40+01:00

It seems like we got a bit stuck here. Maybe my response was a bit bullish and I feel I must have missed something.

The rationale behind using the CryptGenRandom function is simple - Instead of us supplying something home-brewed that most likely would rise quite a few questions, we rely on something that's proven and used by several applications and fits most needs. Not all, and it's not perfect. I would prefer to have a hardware RNG in all cases and we use that when we batch generate keys here.

grc.com/password does a better job - agree. What if we would simply add a new option in the config tool where you can paste in your 32 byte hex string and that would be used ? We'll then take half of the string into the fixed part and the remaining half into the AES key.

We like feedback and I would be pleased to offer you two new keys, supporting a 38 character scan-code. Please send an e-mail to jakob at yubico dot com and I'll send them together with an updated config tool. If I then can your feedback and understand if this solves your concerns, it's a deal for me.

With the best regards,
JakobE
Hardware- and firmware guy @ Yubico

Statistics: Posted by Jakob — Sun Jul 04, 2010 12:00 am

Re: SOLVED: Setting identical static passwords on 2 or more keys

2010-06-17T20:37:14+01:00

JakobE,

I’ll reply using the same outline you use so my answer a) corresponds to your statement a) and so on.

a)This statement is akin to me selling you a V8 engine and telling you that it delivers 400 horsepower without also adding the caveat that “ V8 engine delivers 400HP when all 8 cylinders are enabled, and I only enabled 4”. Your static page reference in the Yubico site need to explicitly say something to the fact that the 64 character password is limited to a ModHex16 and enumerate those characters. The page leads people to believe that one is capable of putting any text string in the static password mode and that is just not the case.

b)Indeed what I used was the Windows Yubikey Configuration Tool. Again I’ll take full responsibility for not diving into the bowels of the documentation before buying Yubikeys instead of only relying on the statements on http://www.yubico.com/developers/static/ .

c)I have used my own seeding the HEX values from separate runs of grc.com/password to input into the public, private and ID. I don’t really want more than 256 bits however repeated testing of using seeds from known good random HEX code from grc.com/passwords, the build in calls to GenCryptRandom, and using the “Single Rand” option the best I can get to output from the final 64 character password in the Yubikey is 157 bits – that is quite shy of 256.

d)32 or 38 characters clearly increase the depth to the capacity of the static mode password of the yubikey. However if you still have no way to allow the end user to program their own static password without the use of a Hex string it will still be less than the theoretical best it can achieve because it will still rely on either a call to CryptGenRandom or static Hex input from a user.

e)I’d love to have the skillset to program in a relatively modern language and generate a strong RNG that I can share with this community. However I don’t have time to learn a programing language at this time to accomplish this so I’m stuck using the formats available on the Yubico program.

I’m not into getting something for nothing; this is not at all my intent. Can the keys I own be sent back to Yubico to be reprogramed with the new firmware? If not I’ll take responsibility for not reading all the documentation and just suck it up and drive on, for me and my company the money is not the issue here. The issue is that we expected to get a given capability and the device can’t deliver it.

You have no idea how badly I want this to work as advertised. I love the idea of having a self-selected 64 character password in my YubiKey. I want to be able to show this to our clients and explain to them that they must buy this, that they must use it for the sake of securing their data (you know with TrueCrypt full disk encryption).I want to be able to tell them that they need to use a Yubikey OTP for their Active Directory logons and for their Firewall based VPNs (via a RADIUS solution). It pains me that we aren’t there yet.

Statistics: Posted by WinstonWolf — Thu Jun 17, 2010 8:37 pm

Re: SOLVED: Setting identical static passwords on 2 or more keys

2010-06-16T22:50:21+01:00

Very sorry to hear that you're disappointed. We'll have to be more consise how we communicate things and update our documentation accordingly. Please help us improve by telling where to make the appropriate updates so this become clear:

a) The static mode does exactly what we say it does: It emits a static string according to the input by the user.

b) The particular tool in question - the Windows config tool (which I assume has been used here) states in section 2.2:

2.2Random numbers
Where random number generation is used in the application, the random values are generated using the Win32 Crypto API function CryptGenRandom, which should satisfy most needs. There is no special seeding or additional obfuscation added.

c) You can use your own routine to create any input to the static mode and paste that as the public identity and key fields as long as you can get them as hex strings. Then you'll get 32x8 = 256 bit password according to your personal requirements. I don't really see the problem here unless you want more than 256 bits.

d) The scan code mode is currently limited to 16 characters which is also stated in the manual. We'll increase this to 32 or 38 characters in the next firmware release, but you'll have to type them in if you use the configuration tool. At present, we have no intention of making a mapping tool that correctly maps all scan codes according to all available keyboard layouts.

e) The Configuration API can be used if a custom random number generation scheme is needed.

Please let me know if there is anything we can do to turn you into a happy customer. A set of free keys with the new firmware or a full refund ?

With the best regards,

JakobE
Hardware- and firmware guy @ Yubico

Statistics: Posted by Jakob — Wed Jun 16, 2010 10:50 pm

Re: SOLVED: Setting identical static passwords on 2 or more keys

2010-06-16T16:17:37+01:00

JakobE,

Here is the problem I have with your reply.
You blame the lack of entropy on the use of CryptGenRandom by the personalization software. This software is written by Yubico, not us the end user; thus Yubico’s decision to use CryptGenRandom is truly at the heart of the problem. Why not generate your own RNG and incorporate it into the software to give us far better entropy? Does this mean that if I use the Linux or Mac version I’ll get a better result in that those versions inherently have to use something other than the WIN32 API CryptGenRandom?

I’ll admit that I didn’t go into the bowels of the documentation before buying my Yubikeys for testing and shame on me for not doing so. I simply went off the “Static Password” page on Yubico’s website:

http://www.yubico.com/developers/static/

Quote:

“The static pass-code can include any combination of 16 to 64 characters and/or numbers.”

For reference that is the first statement in the third paragraph of the page. This led me to erroneously believe that I could in fact include any combination of 16 to 64 characters or numbers as my static password. Seeing as I heard of the Yubikey from Steve Gibson’s podcast I know of his passwords page and I have been using that page to generate passwords to secure accounts that I’m responsible for. Based on reading that page I thought that I would be able to go to grc.com/password and generate one phenomenal password to use in the static mode of my Yubikey, and not just mine the ones that I intended to deploy across my company to secure our password databases. Never mind my intent to push Yubikeys into my client locations to secure laptops with TrueCrypt and strong passwords stored in a Yubikey and to champion the use of AuthLite to the same clientele to authenticate to their active directory networks.

You see, there is no mention of a limitation to 16 ModHex characters in that page, and even if there were while I know what this means – does your average target audience know what 16 ModHex means? I never intended to use the Yubikey as a password generator, my intent was to use grc.com/password to generate my passwords and to use the Yubikey to store 1 or 2 of those passwords so that I might be able to use them with KeePass and TrueCrypt and Lastpass. Alas the statement on the page at best is deliberately misleading and at worse completely false.

Do you understand my disappointment? How about when I have to meet with my boss this Friday to explain to her that the project idea that I have been pushing for in the last 6 months and finally got approved last week to test in house for our company won’t be quite as secure as we intended because the page that I used for reference on the capability of the tool that I intended to use was not accurate?

Statistics: Posted by WinstonWolf — Wed Jun 16, 2010 4:17 pm

Re: SOLVED: Setting identical static passwords on 2 or more keys

2010-06-16T12:50:40+01:00

Okay, just let's back off a few meters here. The Yubikey is not itself a password generator and is not designed for static mode per se, it's just a practical add on. The static mode is more or less purely relying on its input at configuration time.

We use Modhex to make the passwords portable between different keyboard layouts. This effectively limits each character to just represent 16 different combinations rather than the "full range" of a keyboard. I assume a password strength checker would lower the rank of the static output due to the fact that only 16 characters are used.

We use CryptGenRandom in the Win32 API to generate random strings in the Windows configuration tool so the entropy is therefore a direct result of that output. When using "compatible output", i.e. a Yubico OTP like string, the private ID and encryption key are both generated with the same principle and are then encrypted using AES. That should not make things worse.A 32-character Modhex output gives theoretically 32 x 4 = 128 bits and 64 characters = 256 bits, given that CryptGenRandom is ideal and that the AES-128 operation does not change anything fundamentally.

It's as simple as that. I beleive that if the entropy is not good enough for your application, then CryptGenRandom is the problem

The scancode mode is currently limited to 16 character output maximum. We have been asked enough times now to increase that and we'll do it. There is a practical limit of 38 characters in the output and we'll aim for that.

Thanks for your input. Please let me know if you feel we've neglected something.

With the best regards,

JakobE
Hardware- and firmware guy @ Yubico

Statistics: Posted by Jakob — Wed Jun 16, 2010 12:50 pm

Re: SOLVED: Setting identical static passwords on 2 or more keys

2010-06-16T10:48:45+01:00

Totally agree

Statistics: Posted by shart — Wed Jun 16, 2010 10:48 am

Re: SOLVED: Setting identical static passwords on 2 or more keys

2010-06-14T23:25:57+01:00

This is a lousy answer to this problem.

I have been using these instructions for a half hour trying to generate a decent static password and there is never enough entropy in the process. The highest rating I can get on a 64 character password is 157 bits and that was using seed data for the Public, Private and AES portions from 3 different runs of the GRC password generator while including the option to allow for upper and lower case password generation in the settings.

Meanwhile any time I evaluate the Hexadecimal 64 character password from GRC I constantly get between 120 and 130 bits and if I use the 63 random alpha-numeric characters (a-z, A-Z, 0-9) option I constantly get over 250 bits.

I would much rather use the 63 random alpha-numeric characters password generated by GRC than the lousy 157 bit 64 character password generated by the personalization program. I would say that Yubico needs to either allow us to set our own static password or at the very least improve the password generation algorithm in use for the static password generation in the personalization program.

Statistics: Posted by WinstonWolf — Mon Jun 14, 2010 11:25 pm

Re: SOLVED: Setting identical static passwords on 2 or more keys

2010-05-17T10:29:14+01:00

In order to reprogram two YubiKeys to emit the same static password, you need to program both YubiKeys to static password mode using the same "Public Identity", "Private Identity" and "AES Key" and by selecting same options while programming both the YubiKeys.

Please note that the actual static password (of 32 or more characters) emitted from the YubiKey can not be used to reprogram the other YubiKey to emit the same static password as the actual static password is generated as a result of an encryption function involving the AES key and YubiKey parameters.

Hope this helps!

Statistics: Posted by samir — Mon May 17, 2010 10:29 am

Re: SOLVED: Setting identical static passwords on 2 or more keys

2010-05-14T09:14:29+01:00

Hmmmm... I'm being dense here.

We are testing Yubikeys to be used in static password mode to unlock encrypted drives but obviously would like to be able to recreate a new key with same password if original is lost (obviously we have an encrypted database containing the static key).

How do I go about creating that duplicate key based on the info in this thread. I converted the original static modhex password into hex and put the first 16 bytes as a fixed value public identity, switched off the private identity (as that was only 6 bytes) and put the remaining 16 bytes as a fixed value shared secret. When I then program the new key the first 32 characters match the original but the last 32 are different??

What am I missing?

Thanks

Statistics: Posted by shart — Fri May 14, 2010 9:14 am

Re: Setting identical static passwords on 2 or more keys?

2009-08-06T14:01:42+01:00

Fantastic!

That seems to work exactly as I'd want - I actually skipped the reentering stage by just replacing one yubikey with the other whilst the program is in RUN mode.

Thanks!

Statistics: Posted by mtudor — Thu Aug 06, 2009 2:01 pm

Re: Setting identical static passwords on 2 or more keys?

2009-08-06T13:36:48+01:00

We can configure two YubiKeys 2.0 to emit a same static password by programming them using the same Public ID, Private ID and AES Key.

Please follow the steps below to program the YubiKeys to emit the same static password:

We hope this helps!

Statistics: Posted by network-marvels — Thu Aug 06, 2009 1:36 pm

Re: Setting identical static passwords on 2 or more keys?

2009-08-06T13:24:00+01:00

Looks like I can get them the same if I use "Scan ccode mode" but it's a maximum of 16 characters and I remember reading about the potential for problems with different keyboards in that mode. Not really ideal.

I've tried all I can think of for now. If anyone knows something I've missed then I'd appreciate some pointers! Thanks!

Mark.

Statistics: Posted by mtudor — Thu Aug 06, 2009 1:24 pm

Re: Setting identical static passwords on 2 or more keys?

2009-08-06T13:15:51+01:00

mtudor wrote:

I was wondering if I used the Yubikey config app with BOTH keys plugged into the PC, whether the same settings would be written to both or whether the application software would just pick one of them?

Damn. "There is more than one Yubikey present". Then nothing unless I unplug one of them!

Statistics: Posted by mtudor — Thu Aug 06, 2009 1:15 pm

SOLVED: Setting identical static passwords on 2 or more keys

2009-08-06T14:02:06+01:00

Hi all,

I just received my second Yubikey this morning and I've hit a problem with the way in which I'm hoping to use them. Basically, I have fully encrypted our desktop and laptop at home using Truecrypt and a long 64 character password generated by the first Yubikey. What I'd like is for myself or my OH to be able to use either key to unlock either PC. Both PCs use the same 64 character password but I can't for the life of me figure out how to get the Yubikeys to emit the SAME 64 character password.

I had a search through the forums and what I've found so far isn't all that hopeful. Lots of people saying that I can't manually set a 64 character password on the key - is that true?

Is there any way to have the keys generate the same password? It doesn't matter what that password is as long as it is strong and preferably as long as possible!

I was wondering if I used the Yubikey config app with BOTH keys plugged into the PC, whether the same settings would be written to both or whether the application software would just pick one of them?

Does anybody have any suggestions about how I might get round this issue?

Cheers,

Mark.

Statistics: Posted by mtudor — Thu Aug 06, 2009 1:11 pm