Yubico Forum

Q: I'm not entirely sure that I understand how the server decrypts the token it receives, since it's encrypted with the device id as the key,how does it know what key to use for decryption?

A: The OTP is not encrypted with the id. It is a separate symmetrical key, unique to each device. The basic principle to verify the blob is as follows:

1. Extract the public ID prefix (sent in clear text = the first characters - 32)
2. Use this prefix to check up in the database which AES key this particular ID has
3. Decrypt the OTP part using this key (last 32 characters = 128 bits)
4. Verify that the checksum matches
5. Verify that the private ID matche
6. Verify that the counter- and timer values match

We got a question to forum@yubico as follows:



The lookup is done in the local database. The intention is that you only ever store the AES key in just one database, so there is no need to synchronize anything. If you need to validate OTPs from any other place, you should use the web service client API instead of trying to decrypt the OTP.

I hope this answers the question.

Thanks,
Simon