Yubico Forum
https://forum.yubico.com/

Yubikey NEO hardware feature
https://forum.yubico.com/viewtopic.php?f=12&t=1702
Page 1 of 1

Author:  darco [ Wed Jan 07, 2015 9:23 pm ]
Post subject:  Yubikey NEO hardware feature

This one may be difficult to implement, but would be incredibly useful.

I would love the ability to disable/enable NFC on a yubikey neo by way of some sort of simple physical manipulation of the token. The goal is to prevent someone with proximity to the key (but otherwise without physical access to the key) from tampering with the device.

This could be implemented by a tiny switch on the side of the token, or perhaps by a button that must be held down to allow for NFC.

A switch or a membrane button would do the trick, but has the downside of introducing parts which will eventually wear out. An ideal mechanism would only enable NFC while the capacitive button is being pressed, but as someone who has worked with capacitive sensors hardware before this approach will be flaky if it is even possible at all (which it definitely isn't with the current hardware design). Using a RF-shielded "cap" which covers the entire key would work, but this is an extra part which I would likely quickly loose.

In any case, I'd much rather be able to "enable/disable" NFC via some sort of intuitive manipulation of the key itself rather than using a shielded "cap". Exactly what that manipulation would be, I'm not entirely certain.

I was trying to figure out a simple way to do this that would involve shorting out the USB power pins to disable NFC, but can't figure out how such a manipulation would be intuitive or not require additional parts. I mention it because it might be an interesting starting point.

Author:  brendanhoar [ Wed Jan 07, 2015 10:28 pm ]
Post subject:  Re: Yubikey NEO hardware feature

Hmm, currently the device doesn't store enough energy for touch response other than during USB powered operation. Having that work temporarily during energized NFC transactions might (as you indicate) be difficult.

Suggestions (some may require a slight hardware revision):

Add support for additional configuration flag(s) via Yubico NEO Manager or the Yubico Personalization Tool to:
1. temporarily enable/disable responding to NFC
2. require holding fingers against the disc, the USB pad or both (with fingers on the same hand in the latter case) to enable responding via NFC. Might need a small amount of long-lasting charge storage and occasional top-offs via USB.

Also, along the lines of your idea, perhaps a latching holder (itself which goes on a keyring) that latches to a slightly different form factor yubikey from the USB end which (through contacting the USB pads) disables NFC when the unit is latched to the holder.

Author:  colliewob [ Sun Jul 03, 2016 9:10 pm ]
Post subject:  Re: Yubikey NEO hardware feature

brendanhoar wrote:
Also, along the lines of your idea, perhaps a latching holder (itself which goes on a keyring) that latches to a slightly different form factor yubikey from the USB end which (through contacting the USB pads) disables NFC when the unit is latched to the holder.

Similar to viewtopic.php?f=12&t=774

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/