Yubico Forum
https://forum.yubico.com/

[Question] Regarding the security of the contained secrets.
https://forum.yubico.com/viewtopic.php?f=35&t=2730
Page 1 of 1

Author:  Morthawt [ Fri Sep 29, 2017 3:06 pm ]
Post subject:  [Question] Regarding the security of the contained secrets.

I have seen a video recently of some higher-up person in Yubico, who had something to do with the government or something, and as part of his talk he said there is a special acid wash that could strip away the resin. Which leads me to ask the question: how secure are the secrets really if someone can gain access to the raw guts of the Yubikey? Are the chips themselves protected from giving up their secrets against someone who has successfully removed all the resin and has the exposed components etc.?

Author:  sebastiannielsen [ Fri Sep 29, 2017 8:25 pm ]
Post subject:  Re: [Question] Regarding the security of the contained secre

The old yubikeys are susceptible to this attack. (I don't remember when Yubico started using security elements; I do however know that yubikeys that look like this:
[image]
aren't fully secure.)

But the new yubikeys (all Yubikey Neo, Yubikey 4) are constructed out of a real security element like the one used in bank cards, thus any physical attacks, including acid, electron microscope etc. are impossible. They are even in the process of getting FIPS 140-2 level 3 certification, which is a guarantee that it's impossible to attack.

So you can, in an organization, safely program all yubikeys with the same company-secret AES key and then identify users based on the private ID.

Author:  Morthawt [ Fri Sep 29, 2017 9:11 pm ]
Post subject:  Re: [Question] Regarding the security of the contained secre

Hackers have done tons of things with bank cards though.

Author:  Morthawt [ Fri Sep 29, 2017 10:01 pm ]
Post subject:  Re: [Question] Regarding the security of the contained secre

What do you mean by company secret and identify them? By what means?

Author:  sebastiannielsen [ Sat Sep 30, 2017 9:52 am ]
Post subject:  Re: [Question] Regarding the security of the contained secre

What I mean is that it's safe to program the very same AES key into X yubikeys used in a specific corporation, and then use the "Private ID" field to identify who is logging on.
Thus you can turn the "public identity" field off, which means you will get a string of exactly 32 characters when pressing the button.
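As an added example (not code from this thread or from Yubico), here is what the validator side of that scheme looks like in Go: every key in the fleet carries the same AES-128 key, the public ID is turned off, and the 32-character modhex OTP is decrypted with the shared key, its embedded CRC is checked, and the 6-byte private ID says who pressed the button while the session/use counter must only ever increase so a replayed OTP is refused. The AES key and private ID below are constructed sample values; the token layout follows the publicly documented Yubico OTP format, and MakeOTP only exists to construct test input.

```go
package main

import (
	"crypto/aes"
	"encoding/hex"
	"errors"
	"strings"
)

const modhex, hexdigits = "cbdefghijklnrtuv", "0123456789abcdef" // Yubico OTP alphabet: types the same on any keyboard layout

// translate maps each character of s from alphabet `from` to the same position in `to`.
func translate(s, from, to string) string {
	return strings.Map(func(r rune) rune { return rune(to[strings.IndexRune(from, r)]) }, s)
}

// crc16 is the reflected CRC-16 (polynomial 0x8408) that Yubico OTP carries in its last two bytes.
func crc16(b []byte) (crc uint16) {
	for crc = 0xffff; len(b) > 0; b = b[1:] {
		crc ^= uint16(b[0])
		for i := 0; i < 8; i++ {
			crc = crc>>1 ^ 0x8408*(crc&1)
		}
	}
	return crc
}

// MakeOTP builds a token as a key does (uid 6 | session 2 | timestamp 3 | use 1 | random 2 | CRC 2); sample-input helper only.
func MakeOTP(key, privateID []byte, session uint16, use uint8) string {
	pt := append(append([]byte{}, privateID...), byte(session), byte(session>>8), 1, 2, 3, use, 0xef, 0xbe, 0, 0)
	crc := ^crc16(pt[:14]) // stored complemented, so a check over all 16 bytes leaves residue 0xf0b8
	pt[14], pt[15] = byte(crc), byte(crc>>8)
	block, _ := aes.NewCipher(key)
	block.Encrypt(pt, pt)
	return translate(hex.EncodeToString(pt), hexdigits, modhex)
}

// VerifyOTP decrypts a 32-char OTP with the shared AES key, checks the CRC and returns the private ID plus a counter that must only grow.
func VerifyOTP(key []byte, otp string) ([]byte, uint32, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(otp) != 32 || strings.Trim(otp, modhex) != "" {
		return nil, 0, errors.New("bad AES key or otp is not exactly 32 modhex characters")
	}
	ct, _ := hex.DecodeString(translate(otp, modhex, hexdigits)) // cannot fail after the check above
	block.Decrypt(ct, ct)    // one AES-128 block, decrypted in place
	if crc16(ct) != 0xf0b8 { // residue left when the embedded CRC is correct
		return nil, 0, errors.New("CRC mismatch: wrong key or forged token")
	}
	return ct[:6], uint32(ct[6])<<8 | uint32(ct[7])<<16 | uint32(ct[11]), nil // uid, session<<8|use
}
```

A real validator also stores the last accepted counter per private ID and refuses any OTP whose counter is not larger than it, which is what makes a captured OTP useless the second time.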

Author:  Morthawt [ Sat Sep 30, 2017 8:49 pm ]
Post subject:  Re: [Question] Regarding the security of the contained secre

You may find this link interesting. They dissolved all the resin with Acetone: http://www.hexview.com/~scl/neo/

In this state, how secure is the Yubikey? If the resin is providing the security of the secrets, that would be worrying. So how capable is the technology itself at never divulging the private key / secrets that are programmed into the Yubikey when physical access to the internals is very possible?

Author:  sebastiannielsen [ Sun Oct 01, 2017 7:50 am ]
Post subject:  Re: [Question] Regarding the security of the contained secre

Then you have misunderstood everything.
The first yubikey, and the second one (both of which look similar to the picture I posted) are susceptible to the attack you linked to. (The second yubikey looks like a NEO but lacks a logo in the touch button.)

The NEO and 4, however, are impossible to extract the secrets out of. To understand why it isn't an issue that the casing can be dissolved with acetone: it's because it's not part of what is called the "Security Boundary".

The main MCU (NXP LPC11xx or LPC13xx) isn't security sensitive, as it only acts as an interface between the USB and the A7005.
Think of the main MCU as the USB-connected smart-card reader, and the A7005 as your actual smart card.

The security boundary is however the casing of the A7005 chip. The A7005 chip is EAL5+ certified, which means it's impossible to physically attack the A7005 chip for it to give up its secrets. Yubico is in the process of getting FIPS 140-2 level 3 certification - which is the HIGHEST POSSIBLE for a battery-less device.
(level 4 REQUIRES a battery)

All secrets, including U2F, Yubico-OTP, CCID/PIV etc., are stored inside the A7005 chip.

Author:  Morthawt [ Sun Oct 01, 2017 2:28 pm ]
Post subject:  Re: [Question] Regarding the security of the contained secre

Very nice. Thanks.

Author:  neildotwilliams [ Wed Nov 29, 2017 12:32 pm ]
Post subject:  Re: [Question] Regarding the security of the contained secre

Hi, I can't see Yubico listed in the 'modules in processing' list. Does anyone have any links? Thanks.
