Hacker News new | comments | ask | show | jobs | submit login
Inside Yubikey Neo (hexview.com)
94 points by tasqa on Oct 30, 2015 | hide | past | web | favorite | 35 comments



I like how polite Yubi and Hexview are in this exchange; a breath of fresh air from an infosec company engaging with a security company! Makes me feel like there are grown-ups both places, and that the work will help Yubi in future iterations.


Off-topic, but I came across this tweet today.

https://twitter.com/flexlibris/status/660108123487789056

> TSA at Boston airport tried to take my Yubikeys away from me to a second location "for a test". I refused & they backed off but FYI people.

If you have your Yubikeys with you while traveling, you might want to be careful.


Why wouldn't you take them with you while traveling? The whole point is to use them as part of your authentication chain.


You clearly misread or didn't read my comment because I didn't say anything about not taking your Yubikeys with you while traveling.

>The whole point is to use them as part of your authentication chain.

I know and that's exactly why I said you might want to be careful with them while traveling. If your keys are taken away from you and you don't have any backup solution (such as recovery keys), you will get locked out of your important accounts.


It seems that hardware breakdowns inevitably place a 'raw materials' costing to ojects broken down, often (but less in this instance) - as a somewhat passive-agressive dig at the company: "They sell it for $50, but it's only got $10 worth of components in it!"

Outside of the obvious external costs (development, transport, overheads, import, profit, etc), PCB + Tooling costs are often wildly underestimated.

For reference, a PCB of this size requires a setup + stencil template, which would run ~ 400 - 500 USD.

Tooling for the plastic injection mold for this piece would run around 5000 USD, and each subsequent piece would probably cost around 10 - 50c USD.

Tooling + PCBA done right have significant upfront costs that often seem to be forgotten.


To support your point, most of the delays in the JackPair Kickstarter involve tooling for the casing. The recent one admits they should've talked to an expert before they even settled on the prototype because they had no idea how much trouble it would cause at manufacturing time.

Hence, the popularity of the Design for Manufacturing concept these days...


Tooling and injection molding is an arcane art. Most people would be amazed to realise that the tooling to make even the yubikey would probably be around 45cm x 45cm of (almost) solid steel block.

They'd be probably even more surprised to find that it'd cost 10k - 15k to make the tooling.

Diagnosing / 'debugging' issues with injection molding is incredibly difficult - again - it's almost black magic, and it's sadly a skill that's getting harder and harder to find.

If you cast your eyes around your desk / room, we see molded plastic parts every where - so we make the assumption that they must be cheap and easy to do.

And indeed - the assumption of facility due to availability is a very common trap that many kickstart projects fall into.

It's harder to scaffold and pivot in real life ;)


I believe it. Sounds like a market rife for disruption by people that can turn it into a cookbook approach on the cheap. More interesting from a security angle: malicious tooling on packaging side might be used to pre-compromise chips or devices. I haven't seen anyone write on that and I've had to little time to do a paper on it. I'm sure there's a whole cat and mouse game waiting on us that the cats are probably already playing. ;)


Apple justified their purchase of a Cray in part for this use case.


That's something else. You got a link for that?


Nope, just contemporaneous memory, and by then I'd learned a lot about manufacturing by working at LMI, so it was something I paid attention to. Try e.g. https://www.google.com/search?q=apple+cray+injection+molding... which got me these two top hits:

ftp://ftp.cray.com/announcements/product/OLD/Moldflow_Partnership.930408.txt

http://www.clock.org/~fair/computers/sgi-cray.html

The latter should be authoritative, Eric Fair was an Apple sysadmin in the '80s or thereabouts (and son of the Fair in Fair Issac, the inventors of credit scoring).

And there were quite a few more links I didn't check out.


That's a trip! I didn't consider the need for a supercomputer because I knew so little about the topic. Yet, the text file reminds me of the descriptions on solving fluid dynamics problems where they had to do intensive simulations to measure behavior of fluid in some situation. That's always advertised by supercomputer vendors. Seems molding has similar requirements.

Extra funny if that exchange between Scully and Cray happened. One of computing's more interesting synchronicities. :)

Btw, I recently found out that Cray had another company making a play in reconfigurable market. He died in a car accident but they followed through with interesting technology:

http://srccomputers.com/


I would say your 5000 USD for the tooling seem pretty low to me for a steel mold (as opposed to a "soft" aluminium mold). They can easily cost 5-10x more if you factor in mold development.


For full disclosure, I work with factories (Based in China) running plastic injection molding and zinc casting molding.

5kUSD would be a conservative price from our factories; but the item is rather simplistic. As a general rule of thumb, for cases in plastic injection molding, you're correct - you're looking at 10 - 20k easily. Multiple pieces with complicated gating, the price goes up.

Zinc / Metal injection molding involves much more black magic, and this is reflected in the costs.

With all of that said - we're in complete agreement on the main subject - even if tooling cost 5k + 20c per piece, the estimation of $1 for PCBA + PCB Stenciling + molding is way off track, unless it was amortised over tens / hundreds of thousands of pieces.


I accidentally ran over my Yubikey with my Honda Accord, on a key ring with a fin key (1). I dusted it off and it works fine 6 months later. Seriously, if you're in a position where you're using a Yubikey, getting another Yubikey isn't that big a deal for the organization. In fact, if you're a solo practitioner using something like Yubikey, I recommend you get another one and just keep it in a lock box in the event you, say, run over the primary with your car :)

(1) http://www.amazon.com/FCS-Moulded-Steel-Fin-Key/dp/B003JCQPX...


It's actually recommended that you get two yubikeys and connect both to every account and keep the backup safe.


Nice article, would be interesting to build something that HexView did, in fact, find "nearly indestructible". Full disclosure I'm a fan of the Yubikey, I think that something like it will be the future of operational security for networks. Requiring the key be present to answer challenges helps a lot.


Read a much more detailed security review of the Yubikey as it works in practice here:

http://www.unrest.ca/yubico-reinvents-the-yubikey


That's a lot of text to say nothing of interest. I really love how they question the trade offs made in the PCB design, as if these things didn't occur to the designers.


Disappointed that they did nothing to probe the onboard MCUs to see if they could get it to leak anything, and just dismissed that with "we expect it to get high marks there." This seems an awfully low quality report from an infosec company. I was hoping to see an audit of the controllers onboard to see if (and if so, how much effort) they can extract onboard secrets, because after all that's the whole purpose of this device, to act as a secrets repository.


First line of the page: Yubikey is a curiosity-driven side project for us and we have plans to dig a bit further into hardware as time permits. If anybody could confidentially help with NXP datasheets, it would be much appreciated.

I guess they could have waited until they had more to publish it, but I found it interesting regardless


NXP processor manuals and datasheets are on NXP's website. Just google for "13xx User Manual". Here's a link to 13xx series user manual[1]

(I've just finished a year working on an embedded project using NXP 13xx series processors, and NXP's documentation is top notch.)

[1] http://www.nxp.com/documents/user_manual/UM10375.pdf


All else being equal it would be nice if the keys' casing were more tamper-resistant. But the article doesn't even touch on the tamper resistance of the NXP A7005, which is the part that actually matters.


I found it interesting since as a user you can't see the PCB. Of course the designers knew about the tradeoffs, it's just nice to know what those tradeoffs were.


While we're at it .. are there any other tokens/smartcards that could be used for signing messages (ECC preferable, RSA acceptable)? I only know of YubiKey and the KernelConcepts PGPcard.


I have the Github-branded YubiKey, as well as another U2F FIDO key that I purchased last year from Plug-Up.

But now PlugUp web site, http://pu1.fr, redirects to a trendy, rebranded site that I can't get to work. So I don't know if that vendor exists anymore.

I am excited about YubiCo products. The key I have Just Works, looks and feels very well-made.


Nitrokey is another one: https://www.nitrokey.com/


Thanks. Nitrokey looks nice. I'll have to look deeper into the github repo to see what it actually supports in hardware though - the website does not mention the smartcard standards that are actually supported.


Nitrokey Pro uses the OpenPGP Card, Nitrokey HSM uses the SmartCard-HSM.


Hard to take your article seriously with statements such as "...Levels 1 and 2 of the FIPS140-2 certification are just a marketing gimmick". Even harder to believe Jakob took the time to respond.


Hexview provided their reason for believing that. Care to explain why you think otherwise?


Original quote:

>That is not a big deal, considering that Levels 1 and 2 of the FIPS140-2 certification are just a marketing gimmick for most electronic devices.

They have a point here: technically, the iPhone is FIPS140-1/2 compliant. By itself, that doesn't mean that the device is secure. It does show two important requirements for security.


FIPS isn't trivial. There is a lot of shit crypto on the market, establishing FIPS is not banal. Regardless of FIPS, if not utilized properly, it protects nothing. If utilized correctly, it protects what it needs to. Discounting it show lack of understanding.


A little education goes a long way: http://csrc.nist.gov/groups/STM/cmvp/


They state they believe the device fulfils these requirements, it just isn't certified. And for many customers, it doesn't matter if it actually has the piece of paper to prove it or not.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: