Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 5:39 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 3 posts ] 
Author Message
PostPosted: Thu Jun 25, 2009 9:00 am 
Offline

Joined: Fri Jun 19, 2009 6:06 pm
Posts: 31
Welcome to this topic!

I'll highlight the features _I_ would like to see implemented (and some of them may even be 'backported' to version 1). Most of these concepts have been documented on the wiki.

The new key, IMNSHO..

- will be delivered with hardened firmware that lacks functions like CapsLock doubleclicking, auto-URL navigation
- can not be programmed unless you have obtained its AES key
- will deactivate itself for some time if a failed programming attempt is detected
- can be loaded with alternate firmware that has functions like CapsLock doubleclicking .. etc.
- can be ordered in various colours
- supports a pin: after inserting the key, you need to type a 6 digit [0-9] pin on your key board to activate it (it will blink to indicate success)

We should also work on revoking and replacing, for example see my proposal for the SKIP protocol (wiki).


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Thu Jun 25, 2009 10:48 am 
Offline
Site Admin
Site Admin

Joined: Wed May 28, 2008 7:04 pm
Posts: 263
Location: Yubico base camp in Sweden - Now in Palo Alto
Thanks, fortean. You were quicker than I was in making the first post here :) Thanks for the Welcome anyway.


Will be delivered with hardened firmware that lacks functions like CapsLock doubleclicking, auto-URL navigation
- Yes. These are gone

Can not be programmed unless you have obtained its AES key
- Protection is set at configuration time and in order to make it simple for test, we ship all "developer's keys" without the protection set.

Will deactivate itself for some time if a failed programming attempt is detected
- An exhaustive search for the access password is futile anyway. Given a 48-bit password and 100 ms latency per try, searching the key space would take about a million years or so.

Can be loaded with alternate firmware that has functions like CapsLock doubleclicking .. etc.
- The Yubikey 2 is a ROM based design so the firmware cannot be changed. We will however introduce new features as time goes by. However, I doubt that the removed features will appear again.

Can be ordered in various colours
- YES ! Just like with the Model-T Ford, some time had to pass before other colors than black became available. We'll start with white as the second standard color and see where it goes. At present, we require a MOQ of 5000 pcs for custom colors, but this may change.

Supports a pin: after inserting the key, you need to type a 6 digit [0-9] pin on your key board to activate it (it will blink to indicate success)
- An interesting feature indeed. We'll put that on the upcoming feature list. Such a function would require a piece of client software though.

With the best regards,
JakobE
Hardware- and firmware guy @ Yubico


Top
 Profile  
Reply with quote  
PostPosted: Thu Jun 25, 2009 2:48 pm 
Offline

Joined: Fri Jun 19, 2009 6:06 pm
Posts: 31
JakobE wrote:
Thanks, fortean. You were quicker than I was in making the first post here :) Thanks for the Welcome anyway.

Oops, I apologize :mrgreen: - but am happy with the twist this thread took: I imagined it was to discuss features for the 2.0 version and was happily surprised when I found out it was in fact an announcement of the 2.0 version that has most of the features on my personal wishlist implemented allready.

JakobE wrote:
Will be delivered with hardened firmware that lacks functions like CapsLock doubleclicking, auto-URL navigation
- Yes. These are gone

Good.

Quote:
Can not be programmed unless you have obtained its AES key
- Protection is set at configuration time and in order to make it simple for test, we ship all "developer's keys" without the protection set.

Does this indicate that the new tools allow to set the password without reprogramming the key? In as far as I recall, the old tools did not (don't have them at hand now, will check later).

My problem with the default setup is that, as the key becomes more popular, probably some cracker will design some malware to detect and attack it. Plugging the factory default programmed key in such a malware infected system might result in a useless key at best, as the malware freely may reprogram it. And - again, in as far as I recall - setting a password requires reprogramming it, which overwrites the AES string and so I can't use the key to authenticate against the Yubicom servers anymore.

I know: you could acquire the AES secret from Yubicom, but that requires showing some proof of purchase. In my case, my company bought 100+ keys and hence I can not provide you with proof of purchase for my unique key, hence will not be able to obtain the key and so can not reprogram the key with its original AES secret.
And even if I HAVE the Yubicom AES string: reprogramming the key will reset the counters and resetting the counters will render the key useless :shock:

JakobE wrote:
Will deactivate itself for some time if a failed programming attempt is detected
- An exhaustive search for the access password is futile anyway. Given a 48-bit password and 100 ms latency per try, searching the key space would take about a million years or so.

Sure. So, the seller of a security device designed to replace / enhance systems based on common passwords tells me that a 48 bit secret (as in: common password) - not even combined with a username - provides plenty of protection? :oops:

JakobE wrote:
Can be loaded with alternate firmware that has functions like CapsLock doubleclicking .. etc.
- The Yubikey 2 is a ROM based design so the firmware cannot be changed. We will however introduce new features as time goes by. However, I doubt that the removed features will appear again.

Ah, I hadn't realised that it was ROM based, but it makes sense. Well, I guess some people will complain about the missing features, but seen from a security perspective I consider this as a very good development (though frankly I am happy I still have an number of the old keys to allow me to play with these features ;) )

JakobE wrote:
Can be ordered in various colours
- YES ! Just like with the Model-T Ford, some time had to pass before other colors than black became available. We'll start with white as the second standard color and see where it goes. At present, we require a MOQ of 5000 pcs for custom colors, but this may change.

Sure it will! Nice :P

Quote:
Supports a pin: after inserting the key, you need to type a 6 digit [0-9] pin on your key board to activate it (it will blink to indicate success)
- An interesting feature indeed. We'll put that on the upcoming feature list. Such a function would require a piece of client software though.

Well, does it? For fun, I tap the CapsLock key on my keboard sometimes - though the feature is deactivated by default, my key still blinks happily back at me when I do. So, if you're able to read the keyboard LED status, perhaps you can read the keyboard keystrokes as well. As 0-9 have standard locations on most if not all keyboards, perhaps the client-side software is not needed after all ...

Something like this:

  • The key is inserted and blinks at a slow pace, indicating it is not active.
  • You doubleclick capslock: the key indicator dims.
  • Use the top row digits to type the pin on your standard keyboard.
  • Each keystroke results in a single blink of the key indicator (optional, as it compromises security, unless you always use a fixed length (6?) digit code)
  • Press enter to complete: if the PIN was correct, the key starts working as usual. Otherwise, the key will resume it's slow pace blink.

I haven't studied HID so perhaps I am spitting out nonsense here, but I am willing to stand corrected!

Again, my apology for stealing your show, Jakob!


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 3 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group