Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 4:12 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 4 posts ] 
Author Message
PostPosted: Mon Dec 02, 2013 12:59 pm 
Offline

Joined: Mon Dec 02, 2013 11:37 am
Posts: 4
Hello !

I have a usefull suggestion which I care a lot: Allowing longer static password.

I've seen that static passwords can be up to 64 characters, and unfortunately, without OTP it's downsized to 38... I wanted to use a slot of my Yubikey to input "Private keys" (RSA key for instance), and for testing purpose (of the concept) I'm writing an app with takes a private key as input (Base64) and output the public key. The thing is that the minimum strength of a private key is 32bits, which outputs 65 characters (based64).

If I suppress the padding char (=) I can have 64, and even 63 chars, which fits in the 64 chars limit of the yubikey BUT... It's limited to 38 characters...
The suggestion is to allow static password or static "text" up to 2000 characters (~1600 chars for RSA 2048bits) or even up to 3000 characters (~3100 chars for RSA 4096bits), which will also make the yubikey a PKI hardware token too ;)


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Tue Mar 18, 2014 9:13 pm 
Offline

Joined: Wed May 09, 2012 9:35 pm
Posts: 45
Yes! This would indeed be good.

The NSA probably prevents Yubico of doing so though.


Top
 Profile  
Reply with quote  
PostPosted: Wed Mar 19, 2014 10:43 am 
Offline
Site Admin
Site Admin

Joined: Wed Nov 14, 2012 2:59 pm
Posts: 666
Unfortunately NSA has nothing to do with it, just the math

public identifier 32 char modhex is 16 bytes (scancode symbols)
the AES secret 16 bytes
private identity 6 bytes

Its a space limitation within the Yubikey, but we will note your suggestion.

_________________
-Tom


Top
 Profile  
Reply with quote  
PostPosted: Wed Mar 19, 2014 11:05 am 
Offline

Joined: Mon Dec 02, 2013 11:37 am
Posts: 4
Tom wrote:
Its a space limitation within the Yubikey, but we will note your suggestion.


Of course, by "Allowing" I was talking about maybe manufacturing a new product (a hardware token by Yubikey would be a nicer product than current available hardware tokens).


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group