Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 10:31 am

All times are UTC + 1 hour




Post new topic Reply to topic  [ 15 posts ]  Go to page Previous  1, 2
Author Message
PostPosted: Thu Dec 18, 2014 12:10 pm 
Offline
Yubico Team
Yubico Team

Joined: Wed Aug 06, 2014 2:40 pm
Posts: 38
rnewson: You're right. For some reason I thought you were referring to the timestamp and nonce that is generated by the client as part of the validation protocol.


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Fri Dec 19, 2014 10:29 am 
Offline
Yubico Team
Yubico Team

Joined: Wed Aug 06, 2014 2:40 pm
Posts: 38
darco wrote:
How is the source code to the U2F app audited? Is it only reviewed internally, or is it independently reviewed?

It has been reviewed by an independent security firm.


Top
 Profile  
Reply with quote  
PostPosted: Tue Mar 17, 2015 10:28 pm 
Offline

Joined: Sun Mar 15, 2015 12:23 pm
Posts: 3
henrik wrote:
darco wrote:
How is the source code to the U2F app audited? Is it only reviewed internally, or is it independently reviewed?

It has been reviewed by an independent security firm.


are there any resources available of this?

Have recently also bought a Yubikey NEO and while pondering on the U2F feature, the "hardcoded" device key became also one of my primary interest.
To me, this comes down to "Yubikey and other U2F vendors" becoming a "token CA" and as customer you buy a hardware token including a per-generated private key. To me, if I would start to support U2F on our websites for auth, that would fundamentally imply to require to trust "all those CA's" in the first place.

To summary, and please feel free to correct my understanding:

- access/altering device key is prohibited to assure uniqueness of each U2F "key" and used private key are "impossible" to retrieve (no cloning).
- attestation certificate signs they "on-chip" pub key (during manufacturing) so U2F aware websites can verify the "U2F" being genuine.
- U2F "token certificate authorities" such as Yubico guarantee for their U2F devices.

Considering that Yubico is a company under US law, I do trust it as much I trust e.g. "Symantec SSL".


Top
 Profile  
Reply with quote  
PostPosted: Wed Mar 18, 2015 3:48 pm 
Offline
Yubico Team
Yubico Team

Joined: Wed Aug 06, 2014 2:40 pm
Posts: 38
Here are some resources that should answer your questions:

viewtopic.php?p=6561#p6561
https://developers.yubico.com/U2F/Proto ... ation.html
https://developers.yubico.com/U2F/Proto ... rview.html

Regarding the security audit, please contact Sales.


Top
 Profile  
Reply with quote  
PostPosted: Tue Jul 14, 2015 11:17 pm 
Offline

Joined: Tue Nov 18, 2014 9:14 pm
Posts: 95
Location: San Jose, CA
Somehow I missed this part:

dain wrote:
However, this approach falls short, as the R value used in the ECDSA signatures cannot be verified to not contain a backdoor without direct access to the private key. Thus, this approach only serves to add a bunch of complexity to the key generation, with no real benefit (and was thus shelved).


I agree with your point, no matter how 'R' is calculated.

But your comment reminded me about a question I had about the ECDSA implementation that is being used for the U2F app... Is 'R' for the ECDSA signature operation mandated to be determined deterministically (via hashing the private key along with the data being signed) or is it generated using the on-board RNG?


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 15 posts ]  Go to page Previous  1, 2

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group