Yubico Forum
https://forum.yubico.com/

[Solved] Factory programmed OTP and U2F management
https://forum.yubico.com/viewtopic.php?f=16&t=2071
Page 1 of 1

Author:  mauro [ Mon Oct 26, 2015 11:21 am ]
Post subject:  [Solved] Factory programmed OTP and U2F management

By default the forum requires a OTP to login, obviously this OTP needs to be registered on the yubico servers and one comes already programmed with new yubikeys, my question is: if one loses the yubikey or for some reason the OTP changes (deleted or overwritten by mistake) would enrolling a new OTP through the personalisation tool be enough to fix the mistake and allow one to continue login in the forum?

Regarding U2F I was wondering if there is any way to revoke one/all credentials? I may have missed it but I don't seen anything about that in the personalisation tool.

Another question is related to the number of U2F credentials one can have programmed, the FAQ says: "you can have an unlimited number of U2F credentials on these YubiKeys that support the U2F protocol" but I feel that unlimited is a very big number.

If I understand correctly the gist of how U2F works, then when enrolling a new credential a public/private key pair is generated, the public part is sent to the website and the private part along with some other information is stored in the secure element. For practical purposes the storage in the secure element might be able to store more credentials than one might ever need but I'm still curious about how many it can store.

Author:  brendanhoar [ Mon Oct 26, 2015 12:36 pm ]
Post subject:  Re: [QUESTION] Factory programmed OTP and U2F management

mauro wrote:
If I understand correctly the gist of how U2F works, then when enrolling a new credential a public/private key pair is generated, the public part is sent to the website and the private part along with some other information is stored in the secure element. For practical purposes the storage in the secure element might be able to store more credentials than one might ever need but I'm still curious about how many it can store.


Yubico got clever about keypair generation. The U2F internals create a site's private key from a hash of the appID sent by each site, a locally generated-at-registration random nonce and the unique U2F secret (only one per U2F key). They generate the public key from the private key and return that public key, but also return the nonce and a generated MAC as the keyhandle. The private key is then discarded!

The sites themselves store the public key and nonce (the latter as part of the keyhandle). When transacting, the nonce and MAC are returned to the U2F key (again that's the keyhandle) as is the appID. The private key is then internally re-generated from hash of the appid/nonce (and unique U2F secret) each time.

So the U2F key doesn't store *anything* about each site.

It sounds really backwards, but it works.

See here: https://developers.yubico.com/U2F/Proto ... ation.html

Brendan

Author:  mauro [ Mon Oct 26, 2015 2:34 pm ]
Post subject:  Re: [QUESTION] Factory programmed OTP and U2F management

That clarifies things. It also answers the question of revoking credentials, given that the yubikey does not have storage for U2F credentials, then on the user side it is not possible to revoke/blacklist anything.

Author:  brendanhoar [ Mon Oct 26, 2015 3:21 pm ]
Post subject:  Re: [QUESTION] Factory programmed OTP and U2F management

mauro wrote:
That clarifies things. It also answers the question of revoking credentials, given that the yubikey does not have storage for U2F credentials, then on the user side it is not possible to revoke/blacklist anything.


Hmm.

Can you illustrate a threat model that would require user-side revocation/blacklisting a U2F credential? I would hope that most single-U2f-key server-side implementations would allow for key replacement (effectively revoking the original key) and most multi-u2f-key server-side implementations would allow for server-side revocation of an associated key at the user's request?

B

Author:  mauro [ Mon Oct 26, 2015 5:01 pm ]
Post subject:  Re: [QUESTION] Factory programmed OTP and U2F management

I wasn't thinking of anything in particular, I suppose I should have worded my previous reply better.

Given that the yubikey does not store U2F credentials then there is nothing to manage on the user side, as in if you replaced the key server side then you would delete/revoke the unneeded private key on the yubikey.

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/