
Google Unveils Titan Security Key, a Yubico-Like Phishing Resistant 2FA Device - chobo
https://www.cyberscoop.com/google-titan-security-key-2fa-anti-phishing/
======
ridgewell
I don't think I'm all that opposed to competition in this space. Yubico has a
virtual monopoly on high-quality Fido U2F keys at the moment. Google is a
giant admittedly, and could crush Yubico over time though. Not sure if this is
just a cheaply made Feitian Key though rebranded for Google Cloud, or if it is
a new product in itself.

However, I've heard that Google is kind of going on a tangent with its own U2F
implementations, emphasizing an old-school implementation instead of the Web
Authentication Standard that's pushed by the W3C. Google's entry and dominance
in the security key industry could be detrimental over time by limiting the
actual implementation of FIDO U2F, or it could push security keys into the
mainstream too, and with that, open the floodgates for supply.

~~~
agl
> However, I've heard that Google is kind of going on a tangent with its own
> U2F implementations, emphasizing an old-school implementation instead of the
> Web Authentication Standard that's pushed by the W3C.

Chrome has supported "U2F" (the first FIDO spec) for a while and all support
for Security Keys in the last few years has been via this protocol.

But we're implementing the W3C Web Authentication (webauthn) spec and you can
already use it in Chrome in place of U2F. All effort is going into webauthn
now and the U2F code is frozen. At some point I'll announce a sunset date for
U2F support in Chrome and happily delete that code. (Just the API, U2F keys
will continue to work via webauthn.)

~~~
puzzle
Can you use local storage and upload local applets to these new keys?

The main use case is authenticating under Secure Shell on a Chromebook without
having to configure the key on e.g. Linux first:

[https://groups.google.com/a/chromium.org/forum/#!topic/chrom...](https://groups.google.com/a/chromium.org/forum/#!topic/chromium-hterm/LuDVJ67Q4BE)

[https://chromium.googlesource.com/apps/libapps/+/HEAD/nassh/...](https://chromium.googlesource.com/apps/libapps/+/HEAD/nassh/doc/hardware-keys.md)

~~~
scott00
Don't know anything about the Google Titan keys, but they are most likely
Feitian hardware with custom firmware, and you can buy unlocked versions of
Feitian security keys by contacting them. On unlocked keys you can install
your own javacard applets.

------
confounded
If you like your hardware and software free and open (or like to support
smaller businesses) there's also the NitroKey:

[https://www.nitrokey.com/](https://www.nitrokey.com/)

Not quite as slim, but to me at least, cooler.

Made in Berlin!

~~~
Cthulhu_
Being open is really important in this case - I can't be sure there isn't some
government backdoor in Google's keys, for example.

------
kxyvr
Could someone explain the difference between FIDO and FIDO2 compliant keys?
For example, is new hardware required or will existing FIDO/U2F keys work with
FIDO2? It looks like Yubico is advertising a new FIDO2 key under the brand
name "Security Key by Yubico". Personally, I've been meaning to pick up a U2F
key, but if sites are going to start rolling out WebAuthn support, I'd rather
have a key that supports both FIDO and FIDO2. Does anyone have a
recommendation?

~~~
agl
Webauthn works with both FIDO1 and FIDO2 keys. (Unless you have the new FIDO2
key from Yubico, you have a FIDO1 key.) You might also see them called
CTAP1 and CTAP2 keys because CTAP is the bit of FIDO that defines the
interface to the hardware tokens. (CTAP: "Client to Authenticator Protocol".
See [https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-cl...](https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html))

FIDO2 keys talk a different protocol and do everything that FIDO1 keys do, and
(potentially) more. For example, they may operate in "resident key" mode where
the key remembers both your username and private key. They can also support
things like PIN activation.

I've only briefly poked the Yubico FIDO2 key. I think it supports a limited
form of resident keys and it advertises PIN support, although I didn't
exercise that.

------
ben1040
This looks similar to the Feitian Bluetooth LE-compatible key they also
recommend that you purchase if you enable their Advanced Protection feature on
your Google account:

[https://www.amazon.com/Feitian-MultiPass-FIDO-Security-Key/d...](https://www.amazon.com/Feitian-MultiPass-FIDO-Security-Key/dp/B01LYV6TQM)

~~~
ianburrell
The other looks like the Feitian ePass NFC U2F Security Key.

[https://www.amazon.com/Feitian-ePass-NFC-FIDO-Security/dp/B0...](https://www.amazon.com/Feitian-ePass-NFC-FIDO-Security/dp/B01M1R5LRD)

~~~
chaz6
I have one of these and I can strongly recommend it.

------
jrochkind1
Uh, so was that last article about how these keys prevented phishing attempts
at google just marketing for this product?

~~~
pvg
What exactly would warrant such 'marketing'? You think Google is going to make
mad money selling little USB doodads to uber-nerds?

~~~
tylerl
Cost.

This tech should be bread-and-butter security for enterprises and consumers
alike, just like TLS is today. The main reason why it's not is the crazy
device cost.

And like the early CAs with SSL in the 90s, Yubico is charging way more for
entry than the underlying cost would justify. Based on the teardowns, it looks
like they have a 10x or higher markup above standard "profitable" hardware
patterns on these devices. Like 90s Verisign charging more for key length,
Yubico is selling the security delta. They're free to set their own prices, of
course, but that pattern makes real security a luxury rather than an
expectation.

What eventually made SSL more than just an enterprise luxury was competition,
driving the price down to only $100/cert initially, and eventually lower as
volume became a factor.

If Google can bootstrap adoption by bootstrapping price competition, that will
encourage more manufacturers to build u2f devices, driving prices lower still.
Eventually this tech will become an expectation rather than a luxury.

~~~
tptacek
It's a little frustrating to read analyses like these, which sort of seem like
they're premised on the COGS cost of the parts they sell.

In fact, the marginal cost of one U2F token has probably not much to do with
the price Yubikey assigns to its tokens. Yubi has to pay not just for the
hardware, but for their engineering team and for the cost of educating the
market about using these things, which remain super-niche products that we're
barely even able to get Congressional campaigns to adopt, let alone a
significant fraction of the Github user base.

Also, I don't know what teardown you're looking at, but it sounds like you're
saying you can buy an NXP MCU that can do ECC operations for under $2, which
sounds... low... to me. The one-off BOM cost for the NXP MCUs they apparently
use for the Neos looks to be something like $40.

------
ReidZB
It sure would be nice if AWS would support FIDO U2F. Currently, only TOTP
codes are supported. I guess most orgs are implementing that in their SSO
solution, but for those of us that still have regular IAM users, U2F would be
a big improvement in usability.

~~~
cjcampbell
Yes! I don't understand why it has taken so long. The benefit for protecting
root accounts and scenarios where federation is not applicable is significant.

I find the usability to be a particular drag during local development.

------
haberman
For those of us with Mac laptops, is there a reason that the laptop itself
with TouchID and Secure Enclave can't act as a U2F security key?

Maybe that is what this is?
[https://github.com/github/SoftU2F](https://github.com/github/SoftU2F)

~~~
veeti
Chrome is doing this:

[https://lists.w3.org/Archives/Public/public-webauthn/2018Jun...](https://lists.w3.org/Archives/Public/public-webauthn/2018Jun/0472.html)

------
masonhensley
Can someone explain this?

> “Yubikey cost Google less than their own authenticator app,” Ehrensvärd
> said, and there have been no account takeovers since the program was
> implemented, Google says.

~~~
tln
Perhaps he is factoring in the human cost. Yubikeys save a couple of minutes
multiple times per day.

~~~
pc86
I took it as the cost of just purchasing Yubikeys for everyone was less than
the payroll and associated costs of developing the Authenticator app.

But I could see either interpretation (or both) being correct.

------
nevir
I remember hearing that Google's main critique with yubikeys is that the newer
keys' firmware is no longer open source (and thus, no longer independently
verifiable). And that was, apparently, a primary motivation for breaking away
from Yubico.

I wonder if its firmware will be open source? The marketing page makes no
mention of that.

------
w9r09eridlk
I feel stupid for asking this, but what if you lose your key?

~~~
mimming
It’s not as big of a deal as you might expect because:

- The spec requires providers to allow independent addition / removal of
multiple keys per account, so it's easy to manage backup U2F keys.

- Providers can use any backup authentication method they want. This includes
SMS codes, TOTP / HOTP apps, email resets, or maybe VCing in to tech support.

And even if the backup method is less awesome (e.g. SMS codes) it still
reduces your risk because you use it less often.

[edit for formatting]

~~~
steve19
Is it a good way to store SSH keys? Looking at the company website it seems a
little hacky.

------
394549
What's the difference between this and other U2F security keys? Are these just
Google-branded U2F keys, functionally identical to those from Yubico?

------
BooneJS
If the Google Titan Security Key is a rebadged Feitian key, why does it share
a name with this piece of custom security silicon they announced a year ago?
[https://cloudplatform.googleblog.com/2017/08/Titan-in-depth-...](https://cloudplatform.googleblog.com/2017/08/Titan-in-depth-security-in-plaintext.html)

------
michaelmior
This is definitely threadjacking, but curious if anyone here has tried the
Yubikey Neo? I'd like to purchase a 2FA device and it seems like this is the
only option with NFC which I would appreciate given how often I find I'm
logging into things on my phone these days.

~~~
jfim
The NEO is pretty nice, especially when combined with the Yubico authenticator
app for TOTP codes.

One issue with the authenticator apps (eg. Google authenticator) is that if
you reset your phone, you lose all your secrets and need to reset 2FA for all
your accounts. With the Yubico authenticator, the secret is stored in the key
and the phone only gives a time signal and authenticates to the key over NFC.
The app is also available for desktops, making it pretty easy to use 2FA
without having your phone.

The NEO is older unfortunately, so it's only available in USB A form factor
and has weaker crypto than newer Yubikeys (2048 bit vs 4096, iirc) for private
keys stored in it if you're planning to use GPG (for email encryption or
signing git commits). In practice, that's not a real limitation.

However, it also does not support signing Docker images, which is unfortunate.

~~~
jbronn
When you use encrypted backups on iOS, Google Authenticator maintains its
state and there's no need to reset 2FA. I'm sure there are similar mechanisms
for Android.

~~~
jfim
There might be nowadays, I remember it didn't work for me when migrating
between two Nexus phones (4 to 5X iirc) a couple of years ago.

------
bogomipz
I have a tangential question about 2FA since there's been a couple of articles
recently on HN about U2F/FIDO/2FA. Is there a reason almost no banks offer
2FA?

It really seems absurd that in 2018 a person's gmail/dropbox/github etc has
better security practices than an online bank account.

EDIT. Some people assumed this was a US-centric question/perspective. If you
look at this list, the number of checks for banks offering either
hardware/software 2FA is pretty dismal:

[https://twofactorauth.org/#banking](https://twofactorauth.org/#banking)

~~~
icebraining
No, there's no reason. CAP has been around for over a decade, and my bank has
supported that and/or SMS as 2nd factor since at least 2008.

[https://en.wikipedia.org/wiki/Chip_Authentication_Program](https://en.wikipedia.org/wiki/Chip_Authentication_Program)

~~~
bogomipz
How does CAP provide protection when logging into your bank account online?

~~~
icebraining
You get a device (like those in the pictures), which you then connect to your
computer, and insert your debit card. When you do an online operation (e.g.
bank transfer), the bank site requires the transaction to be digitally signed
by your card (and which requires your PIN).

~~~
bogomipz
Ah OK I didn't look closely enough as I thought the pictures were of POS
terminal devices. I was confusing CAP with "chip and pin" - the tech used
inside debit cards.

~~~
icebraining
It is chip and pin :) it's the same cards, just not a POS device.

------
alasdair_
Stupid and slightly unrelated point but: Yubikey needs some serious work
getting their product available in major retailers. I've been checking Amazon
for several months looking for a Yubikey Nano on USB-C (rather than USB-A) and
they still don't have them available.

------
obrajesse
Given how much 'Titan' sounds like 'Feitian', I'm a little bit surprised their
upstream hardware vendor would be ok with them using the brand.

~~~
antsar
They're probably OK with it because of the profit they stand to make from the
increased visibility/marketing. To Americans, I'd guess "Feitian" sounds like
"some foreign thing I've never heard of" whereas "Google Titan" feels warm and
fuzzy.

------
sonaltr
I am a bit disappointed they didn't add some of the features of the OnlyKey -
such as passcodes (and having the ability to self destruct the contents).

Those would be awesome to have if someone decides to steal your keys (yes I am
aware you need your key + password -> but if someone goes through the effort
to steal your keys - I'm sure a hammer can get the password out of you).

------
bdz
Will this be available to normal Google users?

------
kerng
This really should be just part of future phones - everyone carries a phone
with them. Just some creative ideas needed on how to integrate it. You heard
it here first. :)

------
Animats
It's a Google product. Does it phone home to Google, or what?

~~~
tptacek
That's an unusually low-substance comment coming from you. Do you really
believe a Google U2F key would somehow phone home to Google?

~~~
Animats
It has radios. Bluetooth Low Energy support, plus a near-field transponder.
Seeing those functions in a security key is troublesome. It offers a lot of
attack surface.

~~~
tptacek
Right, but that's not really my question. I'm asking, do you really think
Google is backdooring security tokens? Google's security team is basically at
the vanguard of getting those things deployed.

~~~
Animats
Until there's a solid third party teardown, you just don't know. Look how many
backdoors in major products have been discovered in recent years. Juniper
Networks.[1] Cisco.[2] Dell.[3] ZTE.[4]

[1] [https://arstechnica.com/information-technology/2016/01/junip...](https://arstechnica.com/information-technology/2016/01/juniper-drops-nsa-developed-code-following-new-backdoor-revelations/)
[2] [https://www.bleepingcomputer.com/news/security/cisco-removes...](https://www.bleepingcomputer.com/news/security/cisco-removes-backdoor-account-fourth-in-the-last-four-months/)
[3] [https://www.theregister.co.uk/2015/11/25/dsdtestprovider/](https://www.theregister.co.uk/2015/11/25/dsdtestprovider/)
[4] [https://thehackernews.com/2016/11/hacking-android-smartphone...](https://thehackernews.com/2016/11/hacking-android-smartphone.html)

~~~
tptacek
Why would you trust a Yubikey, then?

To my snarky interlocutor: congratulations, you pried the plastic off a
Yubikey and found a pair of NXP MCUs. Now what? Can you even get the data
sheets for those things without signing an NDA?

~~~
tptacek
You've gotten quiet, but are posting on other threads (apologies, but you're
someone whose comments I follow here on HN). I'm genuinely curious to hear out
the logic you brought to this comment about Google backdooring U2F tokens, and
also about what security hardware you _do_ trust.

------
gandhium
My main concern about that - I'm not 100% sure that Google will not
discontinue that in a couple of years.

And for example: recently they've announced that the 'Save to Google' extension
will be discontinued in the coming weeks, without easy ways to export saved
stuff.

~~~
dudus
Not sure how this new Google Titan key works but Yubico doesn't rely on
anything other than sites that support it. If Yubico goes under tomorrow my
key will continue to work for probably many years.

It's different than buying a device that needs update or server side controls.

This argument doesn't really matter here.

------
ghostly_s
Title is clickbait and should be changed. The article mentions no features
that make this more or less 'phishing-resistant' than any other physical
security key product.

------
taftster
Here's the thing. I don't want a device with a usb interface. Some
environments are so locked down, the ability to plug in a usb device is
completely unfeasible. Similarly, cell phones are not a good option in these
restricted environments (one time password apps or text messages would not
work).

It's these types of environments where security is the most restricted that we
need better two factor options. RSA SecurID tokens are a reasonable solution
for local logins, but can't be used to authenticate with external resources
like Google.

I want to access Google, AWS (and friends) without a network (phone) or
plugged (usb) device. Let me register a SecurID token or something similar
with them. We need to be able to bring our own devices.

~~~
betterunix2
BLE security keys also exist:

[https://www.amazon.com/Feitian-MultiPass-FIDO-Security-Key/d...](https://www.amazon.com/Feitian-MultiPass-FIDO-Security-Key/dp/B01LYV6TQM)

SecurID is a TOTP device last time I checked, which is phishable and
significantly less secure than U2F devices. The sooner TOTP is phased out the
better.

If BLE and NFC are unacceptable, well, I guess you are stuck trying to use
TPMs in some way to do U2F. Some phones already support something like that
and I assume newer desktops and laptops will be capable of doing that some
day.
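The "phishable" distinction betterunix2 draws between TOTP tokens and U2F keys, and the "phishing resistant" claim in the submission title, both come down to what gets signed. A TOTP code is valid for anyone who submits it in the time window, so a fake login page can relay it; a WebAuthn/U2F assertion is a signature over the relying party's rpId hash and a hash of client data that the browser (not the page) fills with the origin it actually loaded and the server's challenge. The script below is an added illustration and is not code from the article, Google, Yubico or any browser. It assumes a few simplifications: the authenticator's ECDSA signature is replaced by an HMAC under a per-credential secret that the relying party also holds (standing in for the public key), the browser's rpId scoping rule is reduced to a host-suffix check, and all origins, secrets and challenges are constructed for the demo.

```python
"""Added demo: why a phishing page can relay a TOTP code but not a
WebAuthn/U2F assertion. Not code from the article or any vendor.
Simplifications (assumptions): HMAC stands in for the authenticator's ECDSA
signature; the browser rpId check is a plain host-suffix test; all origins,
secrets and challenges below are constructed."""
import base64
import hashlib
import hmac
import json
import secrets
import struct
from urllib.parse import urlparse


# ---- TOTP (RFC 6238 over the HOTP of RFC 4226): valid no matter who types it in
def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp_verify(secret: bytes, code: str, now: int, step: int = 30) -> bool:
    # Accept the current 30 s step and one step either side for clock drift.
    return any(hmac.compare_digest(hotp(secret, now // step + d), code)
               for d in (-1, 0, 1))


# ---- WebAuthn-style assertion: bound to rpId, origin and challenge
def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


class Authenticator:
    """Holds credential secrets; never sees the origin, only signs its hash."""

    def __init__(self):
        self._creds = {}  # credential id -> (rp_id, secret)

    def make_credential(self, rp_id: str):
        cred_id, secret = secrets.token_bytes(16), secrets.token_bytes(32)
        self._creds[cred_id] = (rp_id, secret)
        return cred_id, secret  # stand-in for returning a public key

    def get_assertion(self, cred_id: bytes, rp_id: str, client_data: bytes):
        stored_rp, secret = self._creds[cred_id]
        if stored_rp != rp_id:
            raise PermissionError("credential is scoped to another rpId")
        auth_data = hashlib.sha256(rp_id.encode()).digest()        # rpIdHash
        to_sign = auth_data + hashlib.sha256(client_data).digest()  # real layout
        return auth_data, hmac.new(secret, to_sign, hashlib.sha256).digest()


def browser_get(auth, page_origin: str, rp_id: str, cred_id: bytes, challenge: bytes):
    """The browser fills in the origin it really loaded and refuses an rpId that
    is not the page's host or a parent domain of it (simplified WebAuthn rule)."""
    host = urlparse(page_origin).hostname or ""
    if not (host == rp_id or host.endswith("." + rp_id)):
        raise PermissionError(f"{page_origin} may not use rpId {rp_id}")
    client_data = json.dumps({"type": "webauthn.get",
                              "challenge": b64url(challenge),
                              "origin": page_origin}).encode()
    auth_data, sig = auth.get_assertion(cred_id, rp_id, client_data)
    return client_data, auth_data, sig


def rp_verify(secret: bytes, expected_origin: str, rp_id: str, challenge: bytes,
              client_data: bytes, auth_data: bytes, sig: bytes) -> bool:
    """Relying-party checks: type, challenge, origin, rpIdHash, then signature."""
    cd = json.loads(client_data)
    if cd.get("type") != "webauthn.get" or cd.get("challenge") != b64url(challenge):
        return False
    if cd.get("origin") != expected_origin:
        return False
    if auth_data != hashlib.sha256(rp_id.encode()).digest():
        return False
    expected = hmac.new(secret, auth_data + hashlib.sha256(client_data).digest(),
                        hashlib.sha256).digest()
    return hmac.compare_digest(sig, expected)


def demo() -> dict:
    results = {}
    # TOTP: a fake login page collects the victim's current code and submits it.
    totp_secret = secrets.token_bytes(20)
    shown = hotp(totp_secret, 1_700_000_000 // 30)  # what the victim's token displays
    results["totp_relayed_by_phisher"] = totp_verify(totp_secret, shown, 1_700_000_005)

    auth, rp_id, origin = Authenticator(), "bank.example", "https://bank.example"
    cred_id, secret = auth.make_credential(rp_id)
    challenge = secrets.token_bytes(32)
    cd, ad, sig = browser_get(auth, origin, rp_id, cred_id, challenge)
    results["webauthn_genuine"] = rp_verify(secret, origin, rp_id, challenge, cd, ad, sig)

    # Look-alike origin relays the bank's real challenge: the browser refuses.
    try:
        browser_get(auth, "https://bank-example.evil.example", rp_id, cred_id, challenge)
        results["webauthn_phish_blocked_by_browser"] = False
    except PermissionError:
        results["webauthn_phish_blocked_by_browser"] = True

    # Replaying an old assertion against a fresh challenge fails the challenge check;
    # editing the challenge field inside clientData instead breaks the signature.
    fresh = secrets.token_bytes(32)
    results["webauthn_replay_new_challenge"] = rp_verify(secret, origin, rp_id, fresh, cd, ad, sig)
    edited = json.loads(cd)
    edited["challenge"] = b64url(fresh)
    results["webauthn_tampered_client_data"] = rp_verify(
        secret, origin, rp_id, fresh, json.dumps(edited).encode(), ad, sig)
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

The two checks that make the assertion phishing-resistant are visible in `browser_get` and `rp_verify`: the page cannot choose the origin string, and the relying party compares it against the origin it serves before even looking at the signature. The `hotp` function is a faithful RFC 4226 implementation, so it can be checked against the RFC's published test vectors.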

