| Yubico Forum https://forum.yubico.com/ |
|
| Different values for same challenge between yk std and yk 4 https://forum.yubico.com/viewtopic.php?f=35&t=2245 |
Page 1 of 1 |
| Author: | darshakthakore [ Thu Mar 03, 2016 10:27 pm ] |
| Post subject: | Different values for same challenge between yk std and yk 4 |
Hi, We have been successfully using the yubikey standard for a while with the following configuration Configuration Slot 2 configured for HMAC-SHA1 based Challenge-Response mode where we have configured multiple yubikeys with the same secret key in variable input mode. We use this in an application where it issues a specific challenge and validates the response. Recently we bought the new yubikey 4 and programmed the yk4 with the same configuration as the std. However, we could not get the yk4 to work with our applications. Upon further testing using the "ykchalresp" program, i was able to verify that the yk4 is issuing a different response than the yk std for the exact same challenge and secret. I didn't see any information/documentation that indicated that the HMAC-SHA1 chal-resp behavior would have changed ? Here are additional details yk std firmware: 2.4.2 yk 4 firmware: 4.2.7 Personalization tool version: 3.1.24 Any idea why we are getting different results ? |
|
| Author: | ChrisHalos [ Fri Mar 04, 2016 1:47 am ] |
| Post subject: | Re: Different values for same challenge between yk std and y |
Can you make up some full parameters so you can share with us (i.e. let us see the secret key / challenge / response for a Standard and a YK4 - obviously not the one you're using)? I just ran a couple tests and I don't see any differences. I tried with a YubiKey Standard, YubiKey 4, and YubiKey NEO: (With Personalization Tool v 3.1.24 on Windows 10): *Slot 2 *Require user input not selected *Variable input *Secret key - 6cc335d6b04852ea46178fda1d8849c65e166e68 Same credential programmed into slot 2 of all three YubiKeys. I then used ykchalresp in Command Prompt: Code: c:\ykpers-1.17.1-win64\bin>ykinfo -a
serial: 2245696 serial_hex: 224440 serial_modhex: ddfffc version: 2.4.2 touch_level: 2307 programming_sequence: 3 slot1_status: 1 slot2_status: 1 vendor_id: 1050 product_id: 10 c:\ykpers-1.17.1-win64\bin>ykchalresp -2 0123456789012345678901234567890123456789012345678901234567891234 03ac3c14fb27e88a46268f3822bf226d89286016 c:\ykpers-1.17.1-win64\bin>ykinfo -a serial: 4282000 serial_hex: 415690 serial_modhex: fbghkc version: 3.4.7 touch_level: 10759 programming_sequence: 3 slot1_status: 1 slot2_status: 1 vendor_id: 1050 product_id: 116 c:\ykpers-1.17.1-win64\bin>ykchalresp -2 0123456789012345678901234567890123456789012345678901234567891234 03ac3c14fb27e88a46268f3822bf226d89286016 c:\ykpers-1.17.1-win64\bin>ykinfo -a serial: 4227930 serial_hex: 40835a serial_modhex: fcjegl version: 4.2.7 touch_level: 519 programming_sequence: 3 slot1_status: 1 slot2_status: 1 vendor_id: 1050 product_id: 407 c:\ykpers-1.17.1-win64\bin>ykchalresp -2 0123456789012345678901234567890123456789012345678901234567891234 03ac3c14fb27e88a46268f3822bf226d89286016 |
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|