Yubico Forum


All times are UTC + 1 hour




Posted: Mon Jun 02, 2008 8:25 am
Site Admin

Joined: Tue May 06, 2008 7:22 pm
Posts: 151
Hi all!

Developers will need the ability to extract the AES key from the Yubico server, and we are thinking about the mechanism to use. There are a few obvious choices:

1) OpenPGP protected text file with base64/hex/modhex key. When you order, you supply a link (and fingerprint) to your OpenPGP key. The file is e-mailed to you after purchase.

2) S/MIME protected text file with base64/hex/modhex key. When you order, you supply a link (and fingerprint) to your S/MIME certificate. The file is e-mailed to you after purchase.

3) Get the AES keys on a CD, in a text file with base64/hex/modhex key. This would add some cost on initial delivery, or add some cost plus shipping if you want to order the CD later on. To protect against physical man in the middle, we have two obvious variants.

3a) Get AES keys on a CD, in a text file with base64/hex/modhex key, OpenPGP protected.

3b) Get AES keys on a CD, in a text file with base64/hex/modhex key, S/MIME protected.

4) Use some standard format for key delivery. PKCS12? IETF KeyProv?

We at Yubico would like to know what you would prefer. So use this topic to let us know your thoughts on this topic.

Thanks,
Simon



Posted: Mon Jun 02, 2008 9:21 am

Joined: Mon Jun 02, 2008 9:05 am
Posts: 2
Using a CD doesn't seem like a very good solution for developers, but it could be a good solution for larger orders (thousands of keys) if you wanted to provide keys for such deployments. I guess it would be pretty difficult to link up the AES keys with the corresponding yubikeys, since they don't carry a serial number or anything else to distinguish them from each other.

For developers, a simple web page (over https of course) where you log in with a yubikey and a password you created when ordering them (this would require that you create an account with Yubico prior to purchase) would give you the AES key for the Yubikey you just authenticated with.

This requires that everyone creates an account with Yubico when purchasing and that Yubico must associate the Yubikeys with that account. This is some extra work, I presume, but will guarantee that only the actual owner of the Yubikey will be able to get at the AES key and not someone who just happens to have gotten a hold of one.

This method is not a risk when the keys have been personalized for use with some company or other authentication service because the AES key you have will then no longer be correct and authentication will fail for that particular key, preventing the attacker from even accessing the invalid key (although I don't really see why that should be protected, it's a nice bonus).


Posted: Tue Jun 03, 2008 5:47 pm

Joined: Sat May 24, 2008 8:55 pm
Posts: 4
I second the suggestion for a https webpage. Seems to me that this would be the most convenient way to fetch a couple of keys for development purposes. As for format, it seems to me that a simple modhex encoded string would be easiest. Developers will already have methods for decoding modhex, and wouldn't need to install other decryption applications.


Posted: Thu Jun 05, 2008 8:40 pm

Joined: Wed Jun 04, 2008 11:18 pm
Posts: 4
Location: Frederiksberg, Denmark
Yes, an HTTPS webpage would be nice.
And very easy to implement :-)


Posted: Fri Jun 06, 2008 3:27 am

Joined: Fri May 30, 2008 5:32 am
Posts: 19
Location: Austin, TX USA
I like the simple HTTPS page for small orders too. Seems like it would be the easiest and cheapest to implement and require the least amount of maintenance once the system is up and running.

If having the keys available on an internet accessible web server is not an option due to security reasons, then I would vote for the 1st suggested option of the OpenPGP protected text file being sent via email. I don't favor the CD option because I have received CD/DVDs in the mail and they sometimes arrive broken or scratched and this is when they are mailed to me from a place close to me. I have a feeling the odds of a CD arriving to me damaged when shipped from the other side of the world will be greater.


Posted: Mon Jun 09, 2008 8:31 am
Site Admin

Joined: Tue May 06, 2008 7:22 pm
Posts: 151
We are somewhat skeptical of the web service approach for AES key distribution, since it means that anyone who gets hold of your yubikey for a minute or two can retrieve the AES key for it. Not good for security... I do understand it is the best for quick testing though.

Right now we don't have easy access to connect the yubikey OTP with the e-mail of the person who bought it, so we can't do an automated e-mail ping either. We could fix this, but it will increase time & costs at personalization time for us.

/Simon


Posted: Tue Jun 10, 2008 12:44 am

Joined: Wed Jun 04, 2008 6:33 pm
Posts: 12
Location: Bergen, Norway
You only need to download the file with AES keys once (for a batch), so could it not be possible to allow only one successful https download?

In case some black hat manages to borrow a YubiKey from you before you get the chance to download yours, you will know, since you cannot get the AES keys.


Posted: Wed Jun 11, 2008 4:44 pm

Joined: Mon Jun 02, 2008 9:05 am
Posts: 2
Simon wrote:
We are somewhat skeptical of the web service approach for AES key distribution, since it means that anyone who gets hold of your yubikey for a minute or two can retrieve the AES key for it. Not good for security... I do understand it is the best for quick testing though.

You missed the part about requiring you to enter a password or code, set at purchase or generated and provided by mail with the keys themselves, to verify that the one logging in with the key is the same person as the one who made the purchase. That solves that security issue and will not allow anyone with only the yubikey to retrieve the key.


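Added example, not part of any post in this thread and not Yubico's code: a sketch of the release policy the posts above converge on (a purchase password in addition to the YubiKey, a single successful download per device, and the key handed out as modhex). The `KeyRelease` class, the `device_id` lookup key and the `otp_valid` flag are assumptions made for illustration; checking the OTP itself is assumed to happen elsewhere.

```python
import hashlib
import hmac
import os

MODHEX = "cbdefghijklnrtuv"  # modhex alphabet; position = nibble value


def to_modhex(data: bytes) -> str:
    return "".join(MODHEX[b >> 4] + MODHEX[b & 0x0F] for b in data)


def from_modhex(text: str) -> bytes:
    if len(text) % 2:
        raise ValueError("modhex string must have even length")
    nib = [MODHEX.index(c) for c in text]  # ValueError on a non-modhex character
    return bytes((hi << 4) | lo for hi, lo in zip(nib[::2], nib[1::2]))


def _pw_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class KeyRelease:
    """Hypothetical server-side policy: purchase password + one download per device."""

    def __init__(self):
        self._records = {}  # device_id -> record (constructed in-memory store)

    def enroll(self, device_id: str, aes_key: bytes, purchase_password: str) -> None:
        salt = os.urandom(16)
        self._records[device_id] = {
            "key": aes_key, "salt": salt,
            "pw": _pw_hash(purchase_password, salt), "released": False,
        }

    def release(self, device_id: str, purchase_password: str, otp_valid: bool) -> str:
        rec = self._records.get(device_id)
        # otp_valid: assumed result of verifying a fresh OTP from the device elsewhere.
        if rec is None or not otp_valid:
            raise PermissionError("unknown device or OTP rejected")
        if not hmac.compare_digest(rec["pw"], _pw_hash(purchase_password, rec["salt"])):
            raise PermissionError("purchase password mismatch")  # does not use up the download
        if rec["released"]:
            # A legitimate owner who lands here learns someone else fetched the key first.
            raise PermissionError("key already released once")
        rec["released"] = True
        return to_modhex(rec["key"])
```

A wrong password is rejected before the one-time flag is touched, so someone holding only the YubiKey can neither fetch the key nor use up the owner's single download.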
Posted: Sun Jun 15, 2008 3:17 pm

Joined: Sun Jun 15, 2008 1:53 am
Posts: 4
While the https web page is a very convenient solution, I think the email/OpenPGP solution is a secure, practical and fast option in order to get our keys fast, while a better solution is developed.

Personally I would love to get my AES key as soon as possible because I cannot do any development without losing my actual key and all the yubico online services.

Please consider the email/OpenPGP in the meantime. By the way, can I get my AES key NOW by any other method? I know, I'm a bit anxious! ;-)


Posted: Sun Jun 15, 2008 11:53 pm
Site Admin

Joined: Tue May 06, 2008 7:22 pm
Posts: 151
To clarify, if anyone wants to get the AES key in their own yubikey, just send me an OTP for your device and we'll take care of it manually.

This thread is about how to do this "properly" in the future.

/Simon

