Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 10:55 am

All times are UTC + 1 hour




Post new topic Reply to topic  [ 8 posts ] 
Author Message
PostPosted: Sat Feb 02, 2013 10:04 pm 
Offline

Joined: Thu Mar 15, 2012 6:03 pm
Posts: 32
Hello,

I'm very interested about the NEO Yubikey, but as I was browsing your site for info, I noticed it uses a MIFARE Classic chip. As I understand, MIFARE Classic has some serious security issues (for example: http://en.wikipedia.org/wiki/MIFARE#Security_of_MIFARE_Classic.2C_DESfire_and_Ultralight). What is Yubicos opinion on this? Do you feel the Classic is sufficient to use as a security device and/or are you planning to replace it with a newer chip in the future?


Last edited by foxzilla on Fri Feb 08, 2013 8:12 pm, edited 1 time in total.

Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Mon Feb 04, 2013 3:13 pm 
Offline

Joined: Fri Feb 01, 2013 6:12 pm
Posts: 12
They knew it was insecure, but made a decision to use it anyway because of how prevalently used it is.

viewtopic.php?f=16&t=510#p2143

I think they do make a valid point that it still is more secure than others that pass a static ID.


Top
 Profile  
Reply with quote  
PostPosted: Mon Feb 04, 2013 6:15 pm 
Offline

Joined: Thu Mar 15, 2012 6:03 pm
Posts: 32
Thanks for the link, I hadn't noticed it since it's not here on the NEO forum. I can see why they would do that (business decision), although that doesn't exactly comfort me that much (btw that post was three years ago. Shouldn't we be close to "eventually" by now..? :))

Seriously though, I'm not an expert with these thing: what kind of attack scenarios does the broken algorithm (in theory) make possible? If someone scans the NEO, can he copy it? Can he get the key?

Another thing I thought was how easy it would be to scan someones NEO without them noticing it (just swipe the scanner over their keys) and getting one valid OTP that way. Or does the user need to press the button on Yubikey for it to emit an NFC signal/OTP?

PS. The link you posted talks about Yubikey RFID. Is it the same product as the NEO which uses NFC?


Top
 Profile  
Reply with quote  
PostPosted: Tue Feb 05, 2013 3:12 am 
Offline
Site Admin
Site Admin

Joined: Wed May 28, 2008 7:04 pm
Posts: 263
Location: Yubico base camp in Sweden - Now in Palo Alto
Yes - we're more than aware that the Mifare Classic crypto has been broken for quite some time. Worth mentioning here is that the Mifare Classic support is optional in the NEO and is not linked to the normal NEO NFC operation, where this differs from the RFID Yubikey.

The NEO has the optional capability to emulate a Mifare Classic tag. This is just to join force with the hundreds of millions of Mifare tags that are out there and support the legacy of Mifare Classic. Although broken as such, it is far better than most prox systems that have no security at all.

With this said, the NEO supports the proprietary Mifare Classic ISO14443-3 protocol, but the Yubikey- and NEO applets are accessed through the ISO14443-4 mechanism. Therefore, from a Yubikey perspective, the defectiveness of the Mifare CRYPTO1 does not affect the NEO as such. Anyone who cannot accept the Mifare Classic limitations does not have to use it - it does not provide a back-door to the inner secrets of the NEO, only the Mifare credentials, if set.

With the best regards,

JakobE
Hardware- and firmware guy @ Yubico


Top
 Profile  
Reply with quote  
PostPosted: Tue Feb 05, 2013 3:28 am 
Offline
Site Admin
Site Admin

Joined: Wed May 28, 2008 7:04 pm
Posts: 263
Location: Yubico base camp in Sweden - Now in Palo Alto
I forgot the other questions posted here:

a) The RFID Yubikey is to become discontinued as it is replaced with the NEO for customers who want similar functionality.

b) Remote scanning of a NEO. The NEO antenna is very small, given the size of the Yubikey. This effectively limits the reading range to a few centimeters, i.e. 1-2 inches. Even with a very powerful reader, to power the NEO from distance (say a few decimeters, i.e. 1 ft, or more) would be very difficult, if not impossible as the magnetic flux drops by the distance cubed - double the distance and the power is cut by a factor of 8, multiply by 10 (30-50 cm, or around 1 ft) and the power drops by a factor of 1000. Even worse would be to receive the "backscattering", i.e. the way the NEO sends back data to the reader. The aperture size of the NEO antenna is simply too small to make long-range detection feasible.

Bottom line: The NEO is by all practical means a close proximity solution, with a practical reading range of 2-5 cm or 1-2 inches. Multiplying this distance by a factor of more than 5 or is not practical to do.

With the best regards,

JakobE
Hardware- and firmware guy @ Yubico


Top
 Profile  
Reply with quote  
PostPosted: Tue Feb 05, 2013 6:20 pm 
Offline

Joined: Fri Feb 01, 2013 6:12 pm
Posts: 12
It really goes to show that security isn't as simple as "is it secure." So basically, there is an issue with MIFARE Classic, but in reality, the real world ramifications of the issue as implemented by the NEO make it more hypothetical than anything, especially with the required extreme lack of distance.


Top
 Profile  
Reply with quote  
PostPosted: Tue Feb 05, 2013 11:44 pm 
Offline

Joined: Thu Mar 15, 2012 6:03 pm
Posts: 32
Thank you for the interesting answers, some of it is more than I can get my head around :)

I still think it would be much easier to get an OTP from the NEO than regular Yubikey without the user noticing anything - you only need to sit/stand next to them in a busy train if they have their keys and Yubikey in their pocket for example. For this reason it would be good if the NEO wouldn't work unless the user actually wants it to, ie. press the button. Not sure if that's possible technically.

Still going to order one though :)


Top
 Profile  
Reply with quote  
PostPosted: Wed Feb 06, 2013 5:15 pm 
Offline

Joined: Fri Feb 01, 2013 6:12 pm
Posts: 12
It might be partially the device, but at least on my Blackberry, it's not enough that the Yubikey is physically touching the right spot, I actually have to press in a bit. The required range is extremely short.

I'm not sure the initiator provides that much power to be able to use the button. I just don't think it's a real world scenario.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 8 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 10 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group