Aww, anderson power poles. Serious business!
| Yubico Forum https://forum.yubico.com/ |
|
| X.509-based Physical Access Control with a Yubikey NEO https://forum.yubico.com/viewtopic.php?f=26&t=1964 |
Page 1 of 1 |
| Author: | darco [ Tue Jul 14, 2015 8:51 pm ] |
| Post subject: | X.509-based Physical Access Control with a Yubikey NEO |
Hello everyone, I wanted to enter the Yubikey Neo contest, but my life has just been too crazy to put together a slick entry. But I did want to share what I have so far... https://www.youtube.com/watch?v=dGSfpO6svW0 Above is a video demonstration of my PIV-based physical access control endpoint. It works great, but it's implementation is a bit crufty (basically a bunch of shell scripts, see here). I'm planning to do a big re-write in node.js over the next few months, which I'll be calling FlexPACS. Thoughts and comments are welcome. |
|
| Author: | brendanhoar [ Tue Jul 14, 2015 11:37 pm ] |
| Post subject: | Re: X.509-based Physical Access Control with a Yubikey NEO |
Aww, anderson power poles. Serious business!
|
|
| Author: | Tom2 [ Wed Jul 15, 2015 2:11 pm ] |
| Post subject: | Re: X.509-based Physical Access Control with a Yubikey NEO |
Well done =) |
|
| Author: | darco [ Mon Sep 14, 2015 7:27 pm ] |
| Post subject: | Re: X.509-based Physical Access Control with a Yubikey NEO |
Just a quick update with a picture: Attachment:  11988363_543105253463_2195101927042392637_n.jpg [ 55.24 KiB | Viewed 3960 times ] It's using a CAT-5 USB extender and ACR122U NFC reader. The setup is temporary until I can build a better enclosure... But it works great for prototyping. Still need to get the software working better, but with this now installed I think I'll be more motivated to get that side of things working better.
|
|
| Author: | Tom2 [ Tue Sep 15, 2015 10:26 am ] |
| Post subject: | Re: X.509-based Physical Access Control with a Yubikey NEO |
can you tell us about the reader performances? Are you satisfied with it? Does it require to hold the key for long? |
|
| Author: | darco [ Sun Oct 11, 2015 11:28 pm ] |
| Post subject: | Re: X.509-based Physical Access Control with a Yubikey NEO |
So I've managed to get the thing working fully! Watch here: https://www.youtube.com/watch?v=fl5KW1p3LQ8 Regarding the authentication speed, it is now much faster than it was(It's now a little more than a second), but it's still a tad slower than ideal... Caching the certificate helps a ton. Using ECDSA is also noticeably faster than RSA. But I think the problem at the moment is in the software I'm using (OpenSC's pkcs15-tool) to get the signed nonce from the token is doing a lot of extraneous transactions. I'll eventually be writing my own software to do this, but I've got so many personal projects going on it may be a bit before I can get around to it. :/ In any case, I hope to write up a blog post about this setup soon. Will post a link when I do! |
|
| Author: | Tom2 [ Mon Oct 12, 2015 10:28 am ] |
| Post subject: | Re: X.509-based Physical Access Control with a Yubikey NEO |
Nice, let's see if we can get this tweeted today =) |
|
| Author: | darco [ Tue Oct 13, 2015 7:12 pm ] |
| Post subject: | Re: X.509-based Physical Access Control with a Yubikey NEO |
If you don't mind, I'd like to get a nicer writeup (i.e. blog post) about my setup before I start getting too much attention. With any luck I can have that finished over the next week (since I have some free time this week). If it's already been tweeted, then no worries. If I was really concerned about it I shouldn't have posted about it yet. 
|
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|