| Yubico Forum https://forum.yubico.com/ |
|
| [QUESTION] Does Yubico know the device secret? https://forum.yubico.com/viewtopic.php?f=33&t=1666 |
Page 2 of 2 |
| Author: | henrik [ Thu Dec 18, 2014 12:10 pm ] |
| Post subject: | Re: [QUESTION] Does Yubico know the device secret? |
rnewson: You're right. For some reason I thought you were referring to the timestamp and nonce that is generated by the client as part of the validation protocol. |
|
| Author: | henrik [ Fri Dec 19, 2014 10:29 am ] |
| Post subject: | Re: [QUESTION] Does Yubico know the device secret? |
darco wrote: How is the source code to the U2F app audited? Is it only reviewed internally, or is it independently reviewed? It has been reviewed by an independent security firm. |
|
| Author: | yze [ Tue Mar 17, 2015 10:28 pm ] |
| Post subject: | Re: [QUESTION] Does Yubico know the device secret? |
henrik wrote: darco wrote: How is the source code to the U2F app audited? Is it only reviewed internally, or is it independently reviewed? It has been reviewed by an independent security firm. are there any resources available of this? Have recently also bought a Yubikey NEO and while pondering on the U2F feature, the "hardcoded" device key became also one of my primary interest. To me, this comes down to "Yubikey and other U2F vendors" becoming a "token CA" and as customer you buy a hardware token including a per-generated private key. To me, if I would start to support U2F on our websites for auth, that would fundamentally imply to require to trust "all those CA's" in the first place. To summary, and please feel free to correct my understanding: - access/altering device key is prohibited to assure uniqueness of each U2F "key" and used private key are "impossible" to retrieve (no cloning). - attestation certificate signs they "on-chip" pub key (during manufacturing) so U2F aware websites can verify the "U2F" being genuine. - U2F "token certificate authorities" such as Yubico guarantee for their U2F devices. Considering that Yubico is a company under US law, I do trust it as much I trust e.g. "Symantec SSL". |
|
| Author: | henrik [ Wed Mar 18, 2015 3:48 pm ] |
| Post subject: | Re: [QUESTION] Does Yubico know the device secret? |
Here are some resources that should answer your questions: viewtopic.php?p=6561#p6561 https://developers.yubico.com/U2F/Proto ... ation.html https://developers.yubico.com/U2F/Proto ... rview.html Regarding the security audit, please contact Sales. |
|
| Author: | darco [ Tue Jul 14, 2015 11:17 pm ] |
| Post subject: | Re: [QUESTION] Does Yubico know the device secret? |
Somehow I missed this part: dain wrote: However, this approach falls short, as the R value used in the ECDSA signatures cannot be verified to not contain a backdoor without direct access to the private key. Thus, this approach only serves to add a bunch of complexity to the key generation, with no real benefit (and was thus shelved). I agree with your point, no matter how 'R' is calculated. But your comment reminded me about a question I had about the ECDSA implementation that is being used for the U2F app... Is 'R' for the ECDSA signature operation mandated to be determined deterministically (via hashing the private key along with the data being signed) or is it generated using the on-board RNG? |
|
| Page 2 of 2 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|