Yubico Forum


All times are UTC + 1 hour

 Post subject: Yubikey output string
PostPosted: Thu Feb 12, 2009 8:02 pm 

Joined: Thu Feb 12, 2009 7:17 pm
Posts: 2
I hadn't noticed this originally, but my Yubikey (not modified from when I received it in the mail) only outputs characters [a-z] and not, as I would have expected [a-zA-Z0-9] and maybe some special characters (like [!@#$%] or others).

Does this limited character set necessarily make the generated string any less secure? Why does it not use a larger set of characters?

Thanks,

Chris

(PS, if this is not the best forum to put this topic in, please move it! I wasn't sure which forum to ask this question in.)



PostPosted: Thu Feb 12, 2009 9:52 pm 

Joined: Wed Feb 11, 2009 11:42 am
Posts: 4
The string contains the encrypted, modhex-encoded OTP.
The string output by the yubikey is in modhex format.

You can read more about the modhex format here:
http://forum.yubico.com/viewtopic.php?f=6&t=96


PostPosted: Fri Feb 13, 2009 9:57 pm 

Joined: Fri Jun 20, 2008 2:59 am
Posts: 84
av8rgeek wrote:
Does this limited character set necessarily make the generated string any less secure? Why does it not use a larger set of characters?


This is a very important question, and I think it should be addressed in the Wiki. Maybe I'll work up a page for it based on this post and others I've done.

First of all, the question of character length doesn't matter at all in OTP mode, because the information emitted by the yubikey is not a password, but merely some encrypted information. The number of characters emitted simply needs to be long enough to communicate the ID and current state of the yubikey. The state is AES encrypted by a secret known only inside the key and to the server. It's not a "password", and thus the length has nothing whatsoever to do with the security of the OTP system. In other words, no, it's not less secure at all.


Now, your question actually becomes more interesting for static passwords, where the emitted string is in fact the secret itself. So let's talk about static mode. It's understandable to have the misconception that a smaller character set means less security, if you are thinking about a password as some fixed number of characters. Instead, to learn the amount of security of a password we need to consider "number of bits" encoded.

The yubikey can store and emit a static password with up to 256 bits of complexity (if you use the right tool). It emits this using the modhex language. Each character encodes 4 bits of the total password. This is how your intuition was telling you the limited character set decreased security; you were comparing some fixed number of characters in modhex versus the same number of characters in ASCII.

But whether a certain password is encoded as 64 modhex characters using the limited modhex set, or 32 ASCII characters, it doesn't make a difference to the security represented by that password. You could even represent it using a binary alphabet of 2 characters (say 0 and 1), and in that base-2 language the password would take 256 characters to say. But still it has the same amount of security no matter what character set you use. It just gets "longer" or "shorter".

Easy when you think about it that way, right?

Now, here's one wrinkle you need to be aware of... Most apps you use that require a password will be ASSUMING that you are using the full set of ascii characters in your static password composition. So, apps that tell you the security level of your password may over-estimate it as being twice as strong as it really is: 512 bits instead of the real 256. (256 bits is INCREDIBLY strong for a static password by the way).

Similarly, apps that limit you to a certain number of characters of input are less secure. If an app limits you to 40 characters, and you choose to use a yubikey static password, then you are only getting 40*4 = 160 bits of password complexity. If you created a completely random ASCII password you could have 40*8 = 320 bits of password complexity.


Lastly, some apps that make the "ASCII assumption" will tell you that you need to use digits and "special" characters to make the password secure. This is because they assume you are using a short human-memorable password that encodes a small amount of bits and could be easily brute-force guessed. Since you are in fact using a super long 256-bit password, this is not the case. But to make these apps happy, you may have to manually prepend a short sequence of "special" ASCII characters before tapping the yubikey.

And that can be a good thing, too: In general, having the static password composed of something in your head in addition to something in the yubikey is more secure, because an attacker who steals your key cannot then immediately possess your entire password. This split method is of course no protection against key logging, since the password is ultimately still static in nature.


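As an added illustration (not part of the thread, and not Yubico's code), the following Python implements the modhex alphabet Ferrix describes and the bit-count arithmetic from his post: 4 bits per modhex character versus the 8-bits-per-character "ASCII assumption", and what survives an application's input-length limit. The 32-byte secret in the demo is constructed at random.

```python
import math
import secrets

# Modhex alphabet: the 16 symbols a YubiKey types, chosen so they land on the
# same keys across common keyboard layouts. Index in this string == hex nibble.
MODHEX = "cbdefghijklnrtuv"


def modhex_encode(data: bytes) -> str:
    """Encode bytes as modhex: two characters (4 bits each) per byte."""
    return "".join(MODHEX[b >> 4] + MODHEX[b & 0x0F] for b in data)


def modhex_decode(text: str) -> bytes:
    """Decode a modhex string; rejects odd lengths and non-modhex characters."""
    if len(text) % 2:
        raise ValueError("modhex string must have even length")
    try:
        nibbles = [MODHEX.index(ch) for ch in text.lower()]
    except ValueError:
        raise ValueError("not a modhex string") from None
    return bytes((hi << 4) | lo for hi, lo in zip(nibbles[::2], nibbles[1::2]))


def modhex_bits(text: str) -> int:
    """Real entropy ceiling of a random modhex string: 4 bits per character."""
    return 4 * len(text)


def ascii_assumption_bits(text: str, alphabet_size: int = 256) -> float:
    """What a checker that treats every character as a free choice from an
    alphabet of `alphabet_size` symbols would credit. 256 reproduces the
    post's 8 bits/char; 95 (printable ASCII) is what many real meters use."""
    return len(text) * math.log2(alphabet_size)


def bits_after_truncation(secret_bits: int, max_chars: int) -> int:
    """Bits of a modhex static password that survive an app's length limit."""
    return min(secret_bits, 4 * max_chars)


if __name__ == "__main__":
    # Constructed sample: a 256-bit static secret, as in the post.
    secret = secrets.token_bytes(32)
    typed = modhex_encode(secret)              # 64 modhex characters
    assert modhex_decode(typed) == secret
    print(typed, modhex_bits(typed), ascii_assumption_bits(typed),
          bits_after_truncation(modhex_bits(typed), 40))
```

Running it prints the 64-character modhex string followed by 256, 512.0 and 160, matching the three figures in the post.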
PostPosted: Thu Feb 19, 2009 6:35 pm 

Joined: Thu Feb 12, 2009 7:17 pm
Posts: 2
Thank you for the explanation. I can see it will take a paradigm shift on my part to wrap my head around modhex, but I think I get the idea.

Have a nice afternoon! :D

Chris


PostPosted: Fri Aug 28, 2009 7:42 am 

Joined: Wed Aug 26, 2009 10:00 pm
Posts: 1
Ferrix,
Thank you for addressing the security implications of modhex's restricted character set, especially in reference to static passwords. I just received my YubiKeys at the beginning of the week, and had been mulling this issue over in my head. Off to TrueCrypt I go!

