Which Yubikey Keepass is more secure, the one with OTP or with challenge/response?
I use a Windows 10 PC and an Android phone with KeePass. I would like to add a second factor on top of my master password that works with both Windows 10 and my Android phone. Between the two supported methods of authentication, which one is more secure?
Yubikey + Keepass 2 using Challenge/Response
Yubikey + Keepass 2 using OTP
In my opinion "Yubikey + Keepass 2 using OTP" cannot be "secure". Why?

OTP cannot be used to encrypt data

KeePass encrypts data, and the problem with encrypted data is that you encrypt the data because you want to protect it against offline attacks. Someone gets access to the data in the encrypted form and you want to avoid that the attacker can read it in clear text. But if the attacker has the encrypted data, he can run offline brute-force attacks. And HOTP, which creates 6- or 8-digit numbers, does not really add much to protecting against offline attacks. It simply adds 6 digits to your password! This is fine for online authentication, when the account is blocked after a certain number of failed tries. But there is no sense in using OTP to derive encryption keys from.
The thing with OTP is that it is so short because it can be easily used for authentication: everybody can type it in everywhere. This is cool, but only for the intended use cases! I would not recommend using OTP for KeePass!

Using Challenge Response

Using challenge/response does not have this limitation. Don't get me wrong, OTP has its right to exist! And the problem with challenge/response is: you need drivers! So there are authentication scenarios where OTP is better (not more secure!) than challenge/response. But back to KeePass 2 and the drivers. Well, with KeePass this is no problem, because you obviously have them anyway.

The challenge/response mode of the YubiKey uses a symmetric secret key. You can send a challenge to the YubiKey, it will create an HMAC from the challenge and the secret key and respond with a 256-bit return value. Now, you need the same challenge and the same secret key to always create the same return value, and obviously the return value is used as the encryption key (well, actually the secret key is used as the encryption key, but it is stored encrypted with the response value). But the bottom line is: you need the secret key to decrypt the data. As we are talking about different key lengths here (than a 6-digit number), the secret key is as difficult to brute force as the AES encryption key itself.

Read here: http://richardbenjaminrush.com/keechallenge/#using

I would recommend using Challenge/Response!
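As an added worked example (this is not code from the answer, from KeePass, from the KeeChallenge plugin or from Yubico), the following Python models the two second-factor designs the answer compares so the offline-attack argument can be checked concretely. It assumes a constructed 20-byte YubiKey slot secret, models the YubiKey's HMAC-SHA1 challenge/response slot (20-byte secret, challenge up to 64 bytes, 20-byte response), and uses a SHA-256 counter keystream as a stand-in for the AES wrapping a real plugin would use. `seal_secret`/`open_secret` reproduce the "database secret stored encrypted with the response" scheme the answer describes, `composite_key` is a KeePass-style hash of hashed components, and `brute_force_otp_factor` is the offline attack on the OTP variant once the attacker has the master password.

```python
import hashlib
import hmac
import secrets

# Constructed YubiKey HMAC-SHA1 slot secret (20 bytes). A real one is programmed
# into the token and never leaves it; it is only here so the model runs offline.
YUBIKEY_SECRET = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f00f1e2d3c")


def yubikey_hmac_sha1(slot_secret: bytes, challenge: bytes) -> bytes:
    """Model of the YubiKey challenge/response slot: HMAC-SHA1 over the
    challenge (1..64 bytes) with the 20-byte slot secret, 160-bit response."""
    if not 1 <= len(challenge) <= 64:
        raise ValueError("YubiKey challenge must be 1..64 bytes")
    if len(slot_secret) != 20:
        raise ValueError("YubiKey HMAC-SHA1 slot secret must be 20 bytes")
    return hmac.new(slot_secret, challenge, hashlib.sha1).digest()


def _keystream(response: bytes, length: int) -> bytes:
    """SHA-256 counter-mode keystream keyed by the token response. Stand-in
    for the AES wrapping a real plugin uses; only the structure matters here."""
    out = b""
    ctr = 0
    while len(out) < length:
        out += hashlib.sha256(response + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:length]


def seal_secret(db_secret: bytes, slot_secret: bytes) -> dict:
    """What is stored beside the database: a fresh random challenge, the
    database secret wrapped under the token's response, and a verifier so a
    wrong token is detected instead of silently yielding garbage."""
    challenge = secrets.token_bytes(64)
    response = yubikey_hmac_sha1(slot_secret, challenge)
    ks = _keystream(response, len(db_secret))
    wrapped = bytes(a ^ b for a, b in zip(db_secret, ks))
    verifier = hmac.new(response, db_secret, hashlib.sha256).digest()
    return {"challenge": challenge, "wrapped": wrapped, "verifier": verifier}


def open_secret(blob: dict, slot_secret: bytes) -> bytes:
    """Recompute the response with the token and unwrap the database secret.
    Without the 160-bit slot secret the attacker cannot derive the response,
    so the wrapped secret is no easier to recover than the AES key itself."""
    response = yubikey_hmac_sha1(slot_secret, blob["challenge"])
    ks = _keystream(response, len(blob["wrapped"]))
    db_secret = bytes(a ^ b for a, b in zip(blob["wrapped"], ks))
    expected = hmac.new(response, db_secret, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, blob["verifier"]):
        raise ValueError("wrong YubiKey or corrupted sidecar data")
    return db_secret


def composite_key(master_password: str, second_factor: bytes) -> bytes:
    """KeePass-style composite key: hash of the concatenated hashed parts."""
    parts = hashlib.sha256(master_password.encode()).digest()
    parts += hashlib.sha256(second_factor).digest()
    return hashlib.sha256(parts).digest()


def brute_force_otp_factor(master_password: str, target_key: bytes, digits: int = 6):
    """Offline attack on the OTP variant (simplified model) when the attacker
    already knows the master password: the second factor is only 10**digits
    candidates, so it falls in at most one million guesses for 6 digits.
    Returns (otp, number_of_guesses) or (None, 10**digits)."""
    for n in range(10 ** digits):
        otp = str(n).zfill(digits).encode()
        if composite_key(master_password, otp) == target_key:
            return otp, n + 1
    return None, 10 ** digits


if __name__ == "__main__":
    db_secret = secrets.token_bytes(32)
    blob = seal_secret(db_secret, YUBIKEY_SECRET)
    assert open_secret(blob, YUBIKEY_SECRET) == db_secret
    otp_key = composite_key("correct horse", b"004242")
    print("OTP factor recovered:", brute_force_otp_factor("correct horse", otp_key))
```

The point the model makes: with the OTP design, everything the attacker does not already have is a 6-digit value, and the loop in `brute_force_otp_factor` finishes in seconds on a laptop; with the challenge/response design, the missing input is the 20-byte slot secret (or equivalently the 160-bit response), which is a search on the same order as the database's own AES key.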