
Yubikey with USB-C - nickik
https://www.yubico.com/2017/01/yubikey-usb-c-ces2017/
======
blintz
No word on switching back to open source. Their YubiKey NEO was open source;
not sure why insist on proprietary code for the YubiKey 4. I'm frankly not
comfortable with this kind of "security by obscurity".

[https://github.com/Yubico/ykneo-
openpgp/issues/2#issuecommen...](https://github.com/Yubico/ykneo-
openpgp/issues/2#issuecomment-218446368)

Edit: Never mind, there's actually a reasonable explanation for the change:
[https://www.yubico.com/2016/05/secure-hardware-vs-open-
sourc...](https://www.yubico.com/2016/05/secure-hardware-vs-open-source/)

~~~
j_s
I believe it has been discussed here previously, but open source on a
propietary firmware (Java VM) wouldn't be considered open source by many.

[https://news.ycombinator.com/item?id=11691655](https://news.ycombinator.com/item?id=11691655)

It is interesting how it allowed revealing the details of a bug in the
implementation, though.

[https://developers.yubico.com/ykneo-
openpgp/SecurityAdvisory...](https://developers.yubico.com/ykneo-
openpgp/SecurityAdvisory%202015-04-14.html)

~~~
OJFord
> _open source on a propietary firmware (Java VM) wouldn 't be considered open
> source_

It's significantly better than completely closed though!

~~~
yarrel
Why? You still can't control, fix or trust the software as a whole.

It's like a parachute that _almost_ opens.

~~~
rrobukef
Then it's at least a parachute and not a backpack with an anvil.

~~~
na85
And yet you'll still be in trouble when you impact the ground

------
Tharre
It's unfortunate that there is no Yubikey nano for USB-C yet. I really like
the nano form factor, especially because I can't accidentally break a USB port
like I could with the normal sized one.

I guess it's really hard to fit all of the electronics in a port as small as
USB-C though.

~~~
bonzini
I like the form factor, but as a second factor it sucks. Effectively your
computer becomes the second factor, and it's much more likely that your laptop
(with the Nano plugged in it) is stolen, than a keychain with a bigger Neo.

It's acceptable if you only use it for OTP, but I can't get myself to put GPG
private keys on a Yubikey Nano...

~~~
bascule
Why? Your GPG key is airgapped and inextricable (except possibly via something
like a DPA-style attack), and you can set a PIN required to perform any
private key operations, complete with a configurable number of attempts before
the device wipes itself.

There are DPA attacks to be worried about, but if you set a decent PIN and
limit the number of failed attempts your GPG keys will probably be safe if
your Yubikey is ever lost/stolen.

~~~
lmm
I figure I can get a lot more security with a practical-length passphrase than
a practical-length PIN.

~~~
Xylakant
I have a 6 digit pin (8 digit admin pin) with 3 retries before the device
wipes itself. The chances of an attacker cracking that are negligible - I'm
more concerned about someone observing my typing (applies to passphrase as
well) or actual physical attacks on the yubikey (stolen, decapped, ...) but
I'm not the target demographic where such effort would be warranted (or at
least I hope so). An attacker could backdoor my PC and intercept the
passphrase dialog - but in that case he'd still need my yubikey which makes
remote attacks impractical and makes me notice the theft. This is not the case
with a passphrase on a secret key - a machine compromise may silently take
everything without you ever noticing.

------
VA3FXP
A security token is an excellent concept, but usually fails when applied to
'typical' use-case scenarios.

Are you military personnel who is in charge of turning the key and launching
the nukes? -Excellent reason to have a key that is impossible to forge. -Also,
"key discipline" is likely very high.

Are you a paranoid nerd that wants to make sure that you cannot be
compromised? -Excellent reason to have a key that is impossible to forge. -But
what happens when you lose that security token?

i.e. "Honey! I can't find the car keys, have you seen them?"

We desperately need _BETTER_ 2FA. Bio-metrics are not the answer. I would be
in favor of an implantable RFID chip or whatever 'better' tech comes around.

~~~
Fnoord
> But what happens when you lose that security token?

Pretty simple: you use your backup key to revoke the lost key. This is
possible with e.g. Lastpass and Google. Of course, if the attacker logs in
before you revoke the key, you are hosed, but the same would be true in your
car analogy.

> i.e. "Honey! I can't find the car keys, have you seen them?"

With car keys, too, you have a backup key. Arguably, the physical car keys are
easier to copy.

> I would be in favor of an implantable RFID chip or whatever 'better' tech
> comes around.

Nothing new, see this article from 2004 [1]. As you can read in the article,
its first headline was even in 2001 (to put in perspective this is 15 to 16
years ago). Company's name is VeriChip.

The problem is that the signal can be intercepted (AFAIK it doesn't use a form
of OTP), and the key cannot be easily replaced/revoked. A YubiKey doesn't
suffer from this issue. The issue a YubiKey has is that it can be easier lost
than an implant.

The YubiKey Neo ('large' version, _not_ the 'laptop' version) supports NFC.

> We desperately need _BETTER_ 2FA.

Why? How?

[1] [http://www.wnd.com/2004/04/24179/](http://www.wnd.com/2004/04/24179/)

~~~
rthille
I'd love something like a Yubikey Neo (NFC) with a fitness band type form
factor (that I can shower/swim with), and an intention indicator (button of
some sort) before the NFC would respond.

~~~
Fnoord
Right now I use a Pebble smartwatch (which I use for fitness, too) with
Bluetooth 4 to unlock my Android phone. Not very secure since (as you put as
well) I don't verify the unlock via my smartwatch, and I'm not sure about
impersonating Bluetooth 4. Then again, I'm not sure if NFC (RFID) can be
impersonated, either. And, if yes, how feasible it is.

------
newman314
Maybe I'm going about this the wrong way but how do people handle 2FA across
multiple machines with multiple keys?

I have multiple desktops, laptop and several mobile devices that I often
context switch across. I'd like to use 2FA without having to plug and unplug
the key every time I want to switch devices.

~~~
guitarbill
IDK if this is the right way to go about it.

But I have one long password (30 characters) for logins and disk encryption,
and everything else is 1Password/2FA. If you allow cookies, you won't get
asked to use the key again. Most sites allow you to also use an authenticator
app on your phone (some even force you to also set this up when you add a
key). And I have GPG subkeys for every machine, so the key is only needed for
the initial bootstrap. So this way, the amount of times you actually have to
use the key is low. I'd say I use mine one a week, maybe less.

~~~
tokenizerrr
> some even force you to also set this up when you add a key

Which is a good idea if your key gets crushed.

------
nickik
What I really want is not USB-C but rather a Yubikey 4 the supports NFC. None
of the sticks support all features, is quite vexing. Now I have to carry
different sticks for different reasons.

~~~
simcop2387
NFC is the thing that's got me still using my Neo. It's the only reasonable
way to use one with a phone for 2FA.

~~~
BHSPitMonkey
Apple phones support neither USB-C nor NFC, so for those it's a non-issue.
Android phones (from the last few years onward) have NFC but also have USB-C,
so why exactly would you need to have both?

~~~
lmm
S7 doesn't have USB-C, and that's about as recent as it gets. And even if my
phone had USB-C, NFC is more convenient.

------
jacko0
It would be nice to have USB C at one end and normal USB at the other.

~~~
Ajedi32
Yeah, for the moment at least USB-C isn't universal enough that I'd be
comfortable carrying a key that _only_ works with devices that have USB-C
ports. Maybe in a few years...

------
CoolGuySteve
What is a Yubikey, I asked:

"Your YubiKey provides a second factor of security for your logins, beyond a
username and password. Your YubiKey needs to be registered or paired with each
computer, service, or site you use it with. "

~~~
Ajedi32
Yeah, it's basically a smart card you can use with a bunch of popular sites
like Google, GitHub, Dropbox, etc. (See
[http://www.dongleauth.info/](http://www.dongleauth.info/) for a more
extensive list.) Based on an open standard (FIDO U2F). Some versions also
support storing PGP keys and the like.

~~~
ghostly_s
Why would one prefer to use a dedicated device like this, now that smartphone-
based 2nd-factor is an option?

~~~
nickik
There are a number of reasons.

\- Clicking button is far easier and faster (it really does make a
difference).

\- Your smartphone is complex software and often attacked. Secrets can be
stolen.

\- Based on public-key crypto, no secret on the server.

\- Built in phishing protection

\- Your own private key is secure hardware that you can't read the key from

To be fair, a smartphone could also implement U2F and you would get some of
the same benefits. Samsung phones for example already support UAF (the other
FIDO) protocol.

~~~
flavor8
Doesn't this mean that Yubi has the potential to know what your private key is
(since they have to bake it into firmware before selling you the device)?

~~~
xemdetia
Most key dongles or smartcards let you load your own key on the device in a
write-only fashion, or use the inherent secure cryptographic operations from
the device to generate a key (which could subsequently tested if it is random
enough through examining the public key portion and multiple tests).

~~~
lmm
> use the inherent secure cryptographic operations from the device to generate
> a key (which could subsequently tested if it is random enough through
> examining the public key portion and multiple tests).

It's not really possible to verify randomness this way - particularly for a
device that already has a decent chunk of storage and crypto operahtions.
Suppose the "random" number generator is actually an AES keystream coming from
a key controlled by the NSA - how would you tell?

------
_joel
It's unfortunate that they went closed source but I still have a Neo here that
survived several months in my washing machine (it got silently caught between
the rubber manifold and the drum). Eventually when I found it again, plugged
it in expecting nothing, but was greeted with the green flashing led and the
button worked just fine. I still have it but don't use it anymore, the closed
source thing grates a little with me so use other methods now.

~~~
j_s
Would you mind taking the time to share the details of your current open
source authentication solution?

~~~
_joel
Yes, certainly. I ended up using TOTP with an authenticator on my phone. Try
FreeOTP[1] or if you're not fussed about pure open source, Authy is worth a
look. On the systems you can link it into PAM using Google's OTP plugin[2],
either locally or via SSH etc.

It's definitely not that ground breaking but it works, provides reasonable
extra security and meets my requirements. It lacks some of the feature of
Yubikey like storing GPG on there or HMAC etc, but I don't need those
functions in reality.

[1] [https://freeotp.github.io/](https://freeotp.github.io/) [2]
[https://github.com/google/google-authenticator-
libpam](https://github.com/google/google-authenticator-libpam)

------
2bluesc
Worth mentioning that it seems that the USB-C OpenPGP app may support RSA
4096. I'd love to upgrade my yubikey ssh key from RSA 2048 -> 4096.

Currently my YubiKey Neo only supports RSA 2048 as it's a hardware limitation
of the NXP A700x chip used inside.

[0] [https://www.yubico.com/2015/02/big-
debate-2048-4096-yubicos-...](https://www.yubico.com/2015/02/big-
debate-2048-4096-yubicos-stand/)

~~~
AbacusAvenger
YubiKey 4 supports 4096-bit RSA. But it's not USB-C.

~~~
ylk
But that's what the article is about?... The YubiKey 4C. A YubiKey 4 that
supports USB-C.

------
spchampion2
Have they ever figured out compatibility with iOS? I feel like this is the
biggest thing holding them back from broader adoption.

~~~
polack
Have you tried to setup a Yubikey with RSA-keys and click-to-sign? It's things
you expect "just to work", but the tooling around the Yubikey sucks big time
and thats what holding them back. It's a shame though cause they make really
good hardware.

Their strategy has been to gain tracktion through the major tech players.
Think it's time for Stina to realize they cannot ignore the rest of us if they
want to make it big.

~~~
nickik
What competitors have tools that just work?

For the most part there provided guis work wunderfully.

GPG is of course always a mess.

I agree with click to sign, that seems to be a bit hacky, otherwise however
its fine.

------
DCKing
Great! The reason I bought a Yubikey Neo over the Yubikey 4 is that I need
access to the key on all my devices - computers _and_ my phone(s). It's a way
to do secure and user-friendly way to solve the key distribution problem to
have access to your TOTP tokens, FIDO credentials and/or your PGP keys on all
your stuff. I would not use PGP otherwise, as it leaves key distribution as an
exercise to the user [2].

Since USB-C is going to be the standard on computers, phones and tablets this
new product will be very versatile and usable secure authentication across
almost all devices [1]. Only question is - do apps like Yubico Authenticator
and OpenKeyChain support this on Android already?

[1]: You're out of luck on iDevices of course, but you're out of luck with
iDevices and Yubikey already.

[2]: This was much less of a problem for the first ~15 years of PGP's
existence of course, but it feels old-fashioned nowadays.

~~~
aendruk
I regularly use OpenKeychain with the YubiKey 4 Nano USB-C bundle on a Nexus
5X.

[https://www.yubico.com/product/yubikey-4-nano-usbc-
bundle/](https://www.yubico.com/product/yubikey-4-nano-usbc-bundle/)

------
2bluesc
I'd love to replace my YubiKey Neo with the USB-C version because it looks
more rugged. That said my Neo works fine but I fear it destroying a USB port
after a minor accident.

However, my problem with USB-C is while it works great on my laptop, my
desktop doesn't have a USB-C port anywhere near my desk or keyboard. I'd have
to buy a hub or something. I'm sure this will get better as I find excuses to
replace parts of my desktop hardware.

~~~
jsjohnst
Exactly my thoughts. Finally a yubikey I don't have to worry about breaking.
Admittedly, I've never broke one, but I still live in fear of doing so.

I'm surprised folks like the Neo though. I rarely use mine anymore as I kept
accidentally triggering it when I carried my laptop to meetings.

~~~
AlisdairO
The Yubikey Nano is pretty great in this regard - doesn't stick out enough to
really worry about breaking.

~~~
jsjohnst
The Nano (not Neo) is the one I was referring to (said wrong thing). It's the
one I used to trigger at least once a day accidentally, usually in a chat
window as luck would have it.

------
joshpadnick
What are the options for handling loss or theft of your YubiKey if using as an
individual? I love the concept of a physical token as a second auth factor,
but last I checked, there were no good loss-recovery scenarios when used as an
individual (versus in a corporate environment where IT manages the Yubikeys).

~~~
closeparen
Far as I can tell, the best strategy when using any 2FA system personally is
to enroll at least 2 authenticators, and keep one in a safe place (preferably
that a family member or trusted friend can get to while you are traveling).

If either is compromised, you can use the other to log in and block it.

~~~
joshpadnick
Thanks, this makes sense. I suppose you can buy as many Yubikeys as your
paranoia dictates and potentially even distribute your backups in different
physical locations.

Is there any potential for the Yubikeys to get "out of sync"? Or do you just
initialize both Yubikeys upfront, and then distribute them to a safe place?

~~~
ChoGGi
You do them upfront, then store one in a safe place (ie: for github I have
yubi and yubibackup registered)

------
lawpoop
I use the yubikey, and I wish it had a blinking LED while it was in the slot,
to let me know that it was still there, and should not be.

The first week I had it, I left it inserted in the computer a number of times.
Now I keep it on my keys so that I don't forget to remove it.

Now I

------
jwatte
It needs A on one end and C on the other, because nobody I know works on only
one device.

(OTG too for various devices, of you want really wide compatibility)

------
georgyo
Does anyone know why the yubikey 4 supports RSA 4096, but ECC only goes up to
384 and not 521? Sure 384 is likely "enough" but ECC 521 is both faster and
smaller than RSA4096. I just can't seem to figure out why they would impose
that limit.

~~~
ChoGGi
Strange they mention supporting 521 here [1], but on the compare page they
only list 384?

[1] [https://www.yubico.com/2016/05/secure-hardware-vs-open-
sourc...](https://www.yubico.com/2016/05/secure-hardware-vs-open-source/)

Edit: looking at the PIV tools manual they provide; I can see no mention of
the tool supporting 521, it fails when I try to generate a key.

Looking through the .h files, I do see mentions of p521 ;)

    
    
      int BN_nist_mod_192(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
      int BN_nist_mod_224(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
      int BN_nist_mod_256(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
      int BN_nist_mod_384(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);
      int BN_nist_mod_521(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx);

------
supermatou
Anyone else using a similar product, OTHER than Yubikey? I've read on certain
forums about Yubikeys being "flimsy" and less durable than similar products;
is this true? what is your experience with it?

~~~
daveguy
I have had a yubikey neo on my keychain for almost 4 years now. It is thin
plastic and seemed like it might not hold up this long, but it has been going
strong. I think they have changed designs to make it smaller since (which
would be stronger). They do make solid products.

That said, I would rather use Google Authenticate (TOTP) for two factor.
Getting my phone out is a regular thing. Getting the yubikey out and plugging
it in seems more of a hassle. Passpack is the only thing I have to use the
yubikey for -- would be happy if they provided TOTP. Spending $40 for two
factor these days is kind of ridiculous.

~~~
nickik
Why not just leave it plugged in. That might be tricky in a train or so, but
normally its fine. I use a Nano and just leave it in most of the time.

Its not only more convinient, its also far, far safer then TOTP.

The will not support TOPT because that would require constant power.

You can get a U2F only stick for 18 bucks from them. Once in a while (for
example when github interduced U2F the sell 2 for 5$).

~~~
nycatelos
Yubikeys support TOTP...

[https://www.yubico.com/support/knowledge-
base/categories/art...](https://www.yubico.com/support/knowledge-
base/categories/articles/how-to-use-your-yubikey-with-authenticator-codes/)

~~~
nickik
TOTP requires an app, Yubico Authenticator.

~~~
daveguy
Exactly, and if you are going to use an app anyway, you may as well have the
app keep the token.

~~~
nickik
I actually still use it because this was I can use somebody else phone or some
other device if I need to. That has come in very handy before.

------
cmurf
Couldn't there be a passthrough? I guess that means making the key a two port
hub (one internal for the key itself, one external for connection additional
devices).

------
arielweisberg
Great to hear. Seems like very fast turn around addressing the needs of USB-C.
Looking forward to the snag free version.

------
joeseeder
Lovely to see USB-C, I hope it will be plug and play for all USB-C phones as
well!

------
modeless
"We are working on an additional smaller YubiKey form factor with a USB-C
design akin to the YubiKey 4 Nano, but do not yet have a time frame for
availability."

This is what I'm waiting for. Besides lower prices. There's just no way these
things should cost more than $2.

~~~
djrogers
> There's just no way these things should cost more than $2.

Absent R&D costs, support costs, sales costs, and you know - actually making
money...

~~~
2bluesc
Don't forget things like standing behind your product and replacing it when
things go wrong, because this is security after all.[1]

Alternatively, I bet they could sell them for less and deny all future
security issues or ask that you throw them away when they are inevitable
discovered.

[1] [https://www.yubico.com/2015/04/yubikey-neo-openpgp-
security-...](https://www.yubico.com/2015/04/yubikey-neo-openpgp-security-
bug/)

------
debt
yubikey can still be circumvented by bribing or blackmailing a user. idk seems
like another security illusion.

and it's proprietary so only yubikey knows what kind of extra shit they're
running on it.

------
wonko1
50USD for what I'd guess is about 1USD of components.

Not that this isn't justifiable... just the way it goes when most of the cash
goes into development perhaps.

~~~
2bluesc
> 50USD for what I'd guess is about 1USD of components.

These are crypto hardened chips with obfuscated ASIC layouts and other details
to prevent things like power line attacks and decapping. These aren't quite
your run of the mill commodity chips.

Furthermore, Yubico stands behind their product. When someone hacked the key
with a power line analysis attack, they released updated firmware [1]. When
someone hacked the OpenPGP applet that I use for SSH, they replaced my Yubikey
Neo in a hassle free manner [2].

> Not that this isn't justifiable... just the way it goes when most of the
> cash goes into development perhaps.

When you factor in the cost of pretending that security devices don't have
issues and compare it to the cost of actually handling those issues, it may
not be so bad.

[1] [https://www.yubico.com/2014/04/improvements-physical-
yubikey...](https://www.yubico.com/2014/04/improvements-physical-yubikey-
attacks/)

[2] [https://www.yubico.com/2015/04/yubikey-neo-openpgp-
security-...](https://www.yubico.com/2015/04/yubikey-neo-openpgp-security-
bug/)

~~~
BostonEnginerd
I have a rather favorable impression of the company based in their responses
to the incidents that you mentioned. They replaced my YK Neo without any
hassle after the OpenPGP applet vulnerability was disclosed.

