Yubico Forum https://forum.yubico.com/ |
Does not create public ID in static mode https://forum.yubico.com/viewtopic.php?f=16&t=378 |
Page 1 of 1 |
Author: | mhile [ Thu Aug 13, 2009 5:52 pm ] |
Post subject: | Does not create public ID in static mode |
Using my new ver 2 key (I have programmed and use numerous version 1 keys). I am creating a static password for #2. Using the configuration tool (2.00.1) I select the advanced mode, 32 characters and enter a fixed value ID string (6 hex values) and a set of hex values for the AES key. When I go to create the key the application says that the Public ID is N/A. When I write to the key I also do not get a static first set of characters that would be the Public ID. What am I missing? Thanks, Matthew |
Author: | network-marvels [ Mon Aug 17, 2009 10:48 am ] |
Post subject: | Re: Does not create public ID in static mode |
Every time the button on the YubiKey is pressed, it generates a 44 character long password. The 44 character stream contains the following information: The first 12 characters represent the ID of the YubiKey. The following 32 characters represent the password (typically this is a One Time Password but it can be changed to generate a static password).

A YubiKey can be operated in one of the following two modes depending on the user’s requirements:

1) In the One Time Password (OTP) mode, every time the user presses the button, the YubiKey generates a 44 character password which contains the static “YubiKey ID” and an event based “One Time Password”. For example, observe the following OTPs generated from a YubiKey configured in “One Time Password” mode:

fuhkifhkhufbfdccgukghlbuinldkcndkrrluvedbthrhi
fuhkifhkhufbfdvblbbleffckfhthjdgrgjrbtjbnnlhdl
fuhkifhkhufbfdhgghncdchnkhrribnukccgurhtlgkfuf
fuhkifhkhufbfdfcicntcjjdjgchdgifgjebgrenugrfuk
fuhkifhkhufbfdcrtefbtnnebvtuvhdthbrltvckergedl

Here the first 12 characters representing the YubiKey ID of all the OTPs are the same. The next 32 characters representing the One Time Password are all different and generated based on the event based OTP generation scheme of Yubico, thus resulting in a unique 44 character password every time. This is the default mode of YubiKey operation.

2) Static Password Mode: In the “Static Password” mode, every time a user presses the button, the YubiKey generates a 44 character password which contains a static “YubiKey ID” and a static password. For example, observe the following passwords generated from a YubiKey configured in “Static Password” mode:

fuhkifhkhunjfkjeegdcherbljkrdgvhhkllicgcuu
fuhkifhkhunjfkjeegdcherbljkrdgvhhkllicgcuu
fuhkifhkhunjfkjeegdcherbljkrdgvhhkllicgcuu
fuhkifhkhunjfkjeegdcherbljkrdgvhhkllicgcuu
fuhkifhkhunjfkjeegdcherbljkrdgvhhkllicgcuu

Here the first 12 characters represent the YubiKey ID, and the next 32 characters, representing the static password (which is generated as a result of an encryption function involving the AES key and YubiKey parameters. A unique key will generate a unique PW.), are always the same when the button is pressed, thus resulting in the same 44 character strong password every time.

As the number of characters selected while programming the YubiKey is 32, the YubiKey ID aka Public ID will be omitted when the password from the YubiKey is generated.
The 6 hex characters you programmed are the private identity (Private ID) of the YubiKey and not the Public ID. If you want the Public ID to be part of the password, then change the number of characters to 44 and then reprogram your YubiKey. We hope this helps! |
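An added example, not part of either post or of Yubico's tools: a small Python check that splits what a key emits into the Public ID prefix and the 32-character password part, so a 32-character configuration (no Public ID) can be told apart from a 44-character one. The function names are hypothetical, every sample string is constructed, and the character set used is Yubico's modhex alphabet.

```python
# Added illustration. All sample strings are constructed, not real key output.
MODHEX = "cbdefghijklnrtuv"   # modhex digit at index i encodes hex digit i
HEX = "0123456789abcdef"
PASSWORD_LEN = 32             # the password part is always 32 characters

def modhex_to_hex(text):
    """Translate modhex to hex; raise ValueError on any other character."""
    bad = sorted(set(text) - set(MODHEX))
    if bad:
        raise ValueError("not modhex: %s" % "".join(bad))
    return "".join(HEX[MODHEX.index(ch)] for ch in text)

def split_press(emitted):
    """Return (public_id, password_part) for the output of one button press.

    The Public ID is whatever precedes the final 32 characters. It is the
    empty string when the key was programmed to emit only 32 characters.
    """
    emitted = emitted.strip()
    if len(emitted) < PASSWORD_LEN:
        raise ValueError("shorter than the 32-character password part")
    modhex_to_hex(emitted)  # validation only, result not needed here
    return emitted[:-PASSWORD_LEN], emitted[-PASSWORD_LEN:]

def classify(presses):
    """Summarise several presses of one key: ID presence and OTP vs static."""
    parts = [split_press(p) for p in presses]
    ids = {pid for pid, _ in parts}
    if len(ids) != 1:
        raise ValueError("presses do not share one Public ID")
    public_id = ids.pop()
    return {
        "public_id": public_id or None,
        "public_id_hex": modhex_to_hex(public_id) if public_id else None,
        "mode": "static" if len({pw for _, pw in parts}) == 1 else "otp",
    }

PUBLIC_ID = "cbdefghijkln"                        # constructed, 12 characters
STATIC_PW = "rtuvcbdefghijklnrtuvcbdefghijkln"    # constructed, 32 characters
OTP_PRESSES = [PUBLIC_ID + "cbdefghijklnrtuvcbdefghijklnrtuv",
               PUBLIC_ID + "vutrnlkjihgfedbcvutrnlkjihgfedbc"]

if __name__ == "__main__":
    print(classify(OTP_PRESSES))                   # 44 chars, changing password
    print(classify([PUBLIC_ID + STATIC_PW] * 3))   # 44 chars, static password
    print(classify([STATIC_PW] * 3))               # 32 chars, no Public ID
```

`classify` needs at least two presses to distinguish the modes, since a single press always looks static.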
All times are UTC + 1 hour |