How does Yubikey work?
How do YubiKeys work? Are there any alternatives?
How the YubiKey works can be explained as follows:
The YubiKey comes in different variants, for example the YubiKey 4 and the YubiKey U2F. All YubiKeys are hardware tokens and are connected to a USB port. Most feature an inductive button and one model also has NFC (the YubiKey Neo). The variants differ regarding form factor and the number of supported features.
The YubiKey 4 provides several functions:
OTP generation
OATH compatible OTP generation (i.e. HOTP and TOTP)
emulate a chipcard reader with inserted OpenPGP chipcard (up to 4K bit RSA or 256 bit ECC private key size)
act as PIV device (up to 2K bit RSA or 256 bit ECC private key size)
act as U2F device
replay a static password

For some of its features it presents itself as a USB HID device. There are alternative solutions available that provide similar features to, or a subset of the features of, the multi-feature YubiKey 4. For example, classic hardware chip card readers (perhaps even featuring a keypad) in combination with an OpenPGP compatible chipcard.
The YubiKey U2F is only a U2F device, i.e. a device that is able to generate an origin-specific public/private key pair and returns a key handle and a public key to the caller. As with other inexpensive U2F devices, the private keys are not stored; instead, they are symmetrically encrypted (with an internal key) and returned as the key handle. Using the key handle, the U2F device is then able to sign a challenge, thus creating a response as part of a multi-factor authentication. Since U2F is an open standard (that is also pushed by corporations like Google), there are several alternative inexpensive U2F hardware tokens available (search for 'FIDO U2F key').