[go: up one dir, main page]
|
|
Log in / Subscribe / Register

Security in an error-prone world

Security in an error-prone world

Posted Nov 5, 2015 9:46 UTC (Thu) by madhatter (subscriber, #4665)
In reply to: Security in an error-prone world by nybble41
Parent article: Security in an error-prone world

My Yubikey Neo already has three TOTP tokens on it accessed via RFID (plus two HOTP, via USB), and I believe the RFID token ceiling is quite a lot higher than that.

to post comments

Security in an error-prone world

Posted Nov 5, 2015 16:16 UTC (Thu) by nybble41 (subscriber, #55106) [Link] (14 responses)

Sure, but that's TOTP/HOTP. They depend on shared secrets, so you need a different one for each host, or else they each could impersonate you to the other hosts. SSH keys use public-key cryptography, so you can use the same key to authenticate to many different hosts.

Security in an error-prone world

Posted Nov 5, 2015 17:14 UTC (Thu) by madhatter (subscriber, #4665) [Link] (13 responses)

You're completely right, but that wasn't what I was saying. If you scroll back up, you'll see that mathstuf asked if there were devices that stored more than a few keys because "A YubiKey only holds 2 TOTP keys, so that's 9 yubikeys I need to carry around". My point was merely that a Yubikey Neo can definitely store more than 2 TOTP keys, possibly quite a lot more.

Security in an error-prone world

Posted Nov 5, 2015 18:36 UTC (Thu) by mathstuf (subscriber, #69389) [Link] (10 responses)

That's helpful. How do you determine which one to use? I read that it's one tap for one and two for the other. How is one expected to remember whether service frobnitz is 5 clicks or 6?

Security in an error-prone world

Posted Nov 5, 2015 21:22 UTC (Thu) by madhatter (subscriber, #4665) [Link] (9 responses)

The tokens produced by tapping on the Yubikey's "button" are HOTP tokens (either HOTP OATH, or Yubico's own (open) method of generating HOTP tokens).

The TOTP tokens are accessed via NFC, using (in my case) a free (newBSD-licensed, available on f-droid.org) Android app; some other device has to be involved, as the Yubikey has no internal clock. The external app provides a timestamp via NFC, and the Yubikey seals that using each of the secrets it has in NFC storage. As for identifying which TOTP code is for which external service, when each secret is loaded into the 'key a text snippet goes with it, and this is returned by the 'key over NFC, along with each associated TOTP code.

So when I fire up the app and bring it close to my 'key, three different TOTP codes appear on my phone's screen, each with a small text snippet (usually one that I chose) reminding me which particular remote service that TOTP code is intended for.

In case anyone's wondering, I have loaded the app from scratch onto someone else's phone, and verified that (as long as it's done in the same 30-second window) the same TOTP codes appear, with the same text snippets; all the service-specific stuff is on the Yubikey, the phone provides only communications, display, and a timestamp.

Security in an error-prone world

Posted Nov 5, 2015 23:35 UTC (Thu) by mathstuf (subscriber, #69389) [Link]

That does sound better. I'll have to look into getting one of the new yubikeys then.

Security in an error-prone world

Posted Nov 12, 2015 14:52 UTC (Thu) by itvirta (guest, #49997) [Link] (7 responses)

Does the NEO authenticate the device requesting it to sign a timestamp?

Because I started thinking about someone walking past one of them and asking it to sign
a timestamp for say, tomorrow, giving plenty of time to walk away and use the codes to login later.

Security in an error-prone world

Posted Nov 12, 2015 18:51 UTC (Thu) by flussence (guest, #85566) [Link] (2 responses)

It's not possible to siphon codes off the key inconspicuously like that. The phone only provides UI, the key outputs the codes via USB HID to the computer it's plugged into.

Security in an error-prone world

Posted Nov 12, 2015 22:05 UTC (Thu) by johill (subscriber, #25196) [Link] (1 responses)

I'm pretty sure the response goes via NFC as well - it has two modes, NFC or USB, but I don't think it combines them like that.

Security in an error-prone world

Posted Nov 16, 2015 14:00 UTC (Mon) by itvirta (guest, #49997) [Link]

At the least the video about the Android app (https://www.yubico.com/tag/android/)
shows the app displaying the otp:s on the smartphone.
Though it also mentions a possibility of password protecting the credentials.

Can't tell why I didn't find this the first time, though...

Security in an error-prone world

Posted Nov 18, 2015 21:43 UTC (Wed) by nix (subscriber, #2304) [Link] (3 responses)

It has no clock so cannot do that. What the Yubico OTP protocol does have is a counter which increments whenever a password is requested, and another counter which increments whenever power to the key is cut (how this interacts with NFC I'm not sure because I don't have any devices that can do NFC to test it with). An authentication server verifies that any password it receives has a higher session counter than the last password it saw from that key, or, if the same, a higher password-requested counter. So replay attacks are impossible, and if you want to reuse a password you acquired you'd better do it before the legitimate user logs in again even once: as soon as he does that the password you snarfed is useless.

(This is not ideal -- backward-compatibility concerns limit the session counter to 7 bits, and obviously the protocol requires it to saturate rather than wrapping, so overflows are well within the bounds of possibility. But it's not *bad*, and you can reset the session counter by resetting the underlying AES key and sending the new one to your authentication servers.)

Security in an error-prone world

Posted Nov 20, 2015 10:01 UTC (Fri) by tao (subscriber, #17563) [Link] (2 responses)

Uhm. Maybe I'm missing something here -- are you saying that you can only have 128 sessions (7 bits) before you need to generate a new AES key? I'm fairly sure I'd burn through that in no-time. Or is session defined in some other way than I imagine?

Security in an error-prone world

Posted Nov 23, 2015 23:30 UTC (Mon) by nix (subscriber, #2304) [Link] (1 responses)

No, I can't count. It's 15 bits, not 7. 32767 sessions. A 'session' is a plug/unplug with at least one key generation in between, and even with my dodgy USB hub causing several replugs a day I'm not burning through them very fast.

Security in an error-prone world

Posted Nov 24, 2015 17:38 UTC (Tue) by tao (subscriber, #17563) [Link]

Ahhh, right. That sounds more reasonable :)

Security in an error-prone world

Posted Nov 5, 2015 21:42 UTC (Thu) by nybble41 (subscriber, #55106) [Link] (1 responses)

> You're completely right, but that wasn't what I was saying. ... My point was merely that a Yubikey Neo can definitely store more than 2 TOTP keys, possibly quite a lot more.

And that's perfectly fine, but the comment you were replying to (mine) was questioning the need to store 22 *SSH* keys. Perhaps you meant to reply to mathstuf instead?

Security in an error-prone world

Posted Nov 5, 2015 21:45 UTC (Thu) by madhatter (subscriber, #4665) [Link]

You're dead right, and I apologise for being confusing.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds