The YubiKey is a hardware security token from the company Yubico that is used with interfaces such as Lightning, Near Field Communication (NFC) or USB and a variety of protocols to identify and authenticate users on computer systems. Among other things, it allows secure passwordless authentication and is also supported, for example, by the KeePass iOS app variant KeePassium.
Yubico uses open-source software such as OpenPGP and open standards such as U2F for two-factor authentication for Microsoft Windows, macOS, and Linux operating systems. For security reasons, software on YubiKey cannot be read or modified. In the event of an update, the device must be replaced with a new model. Secret private key data can be generated on the token or written to the token, but cannot be read subsequently.
Since the YubiKey hardware is not open source – unlike competing products such as Nitrokey’s Nitrokey family or SoloKeys’ Solo family – independent checks for backdoors or security vulnerabilities are hardly possible.
---

Construction of YubiKey
YubiKeys are encapsulated in tamper-proof waterproof housings. They include a USB or Lightning port as their primary interface. There are models with a USB-A or USB-C connector. The button on the security token for confirming an action, which is necessary for some operating modes, is designed as a sensor button without mechanically moving parts. Some models, such as the older YubiKey Neo, the successor Security Key NFC and the YubiKey 5, include a contactless NFC interface in addition to USB, with the YubiKey also being powered via NFC. The range of functions is identical for both interfaces.
The YubiKey 4 and YubiKey NEO models use a microcontroller from NXP Semiconductors. In the successor model, YubiKey 5, the number of components is reduced. Its secured memory is protected against being read out, as are all interfaces such as the USB port and the NFC interface.
How YubiKey Works
Through the USB interface, YubiKeys can emulate three different types of virtual USB devices and thus offer a wide range of functions: OTP, FIDO and CCID. The three options can be combined with each other or, if not needed, deactivated.
One-time password (OTP), not to be confused with the identically abbreviated cryptographic term one-time pad, is the original procedure for security tokens. In this process, changing sequences of numbers and/or letters, each valid only once, are compared for authentication. It allows two so-called slots (memory positions) to be configured on the YubiKey. Each slot can independently hold a function, including the necessary data such as secret keys. Each slot in the YubiKey 4 can be assigned one of the following functions:
- Yubico OTP, a proprietary one-time password method from Yubico.
- Challenge-response authentication using HMAC-SHA1.
- Static password. The YubiKey emulates a virtual USB keyboard and thus allows the password to be entered directly into the password field in the respective application without additional software.
- HOTP according to the Initiative for Open Authentication (OATH).
The respective OTP function can optionally be linked to the sensor button, i.e. you express your consent to trigger it by pressing the button. Depending on how long you press the button, you trigger the function from slot 1 or slot 2.
With the FIDO2 procedure of the FIDO Alliance, the YubiKey also provides the Client to Authenticator Protocol (CTAP). Older YubiKeys like the YubiKey 4 only support CTAP1, which was also called Universal Second Factor (U2F) before FIDO2. The newer YubiKey 5 also offers CTAP2, which is part of the FIDO2 project and builds on UAF (Universal Authentication Framework). The Yubico FIDO or Security Key NFC model only offers CTAP. The CTAP procedure requires the user's confirmation on the token; otherwise the token will refuse to respond. This function is performed by the sensor button. In the context of CTAP1 (U2F), unlike in other operating modes, no user-specific data is stored on the token. When using CTAP2, depending on the mode, user-specific data is also stored on the token, for example when using discoverable credentials or a PIN.
With the third option, CCID, the YubiKey emulates a smart card reader on the USB port and offers manufacturer-programmed immutable smart card applications that comply with the ISO 7816 smart card standard. The following CCID applications are available on the YubiKey 4 (these require appropriate software on the host system):
- OATH HOTP: identical to the basic OTP function, but up to 32 configurations are possible
- OATH TOTP. Since YubiKey does not include a clock for one-time password calculation, the current system time is transmitted via CCID to the emulated chip card program OATH TOTP. Up to 32 configurations are possible.
- OpenPGP Smart Card version 2.0
- A Personal Identity Verification according to FIPS 201, which is used by U.S. authorities, among others, to establish identity.
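The HOTP slot function and the clockless OATH TOTP application described above differ only in where the counter comes from. The following Python sketch is an added example, not Yubico code: `ClocklessToken`, `host_totp` and `verify_totp` are hypothetical names, and the secret is the public test key from RFC 4226 / RFC 6238.

```python
import hashlib
import hmac
import struct

# Constructed secret: the ASCII test key from RFC 4226 / RFC 6238, not a real credential.
TEST_SECRET = b"12345678901234567890"


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # low nibble of the last byte selects a 4-byte window
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class ClocklessToken:
    """Hypothetical stand-in for the token: holds the secret, has no clock."""

    def __init__(self, secret: bytes):
        self._secret = secret  # stays on the token, never returned to the host
        self._counter = 0      # HOTP state is kept on the token

    def next_hotp(self) -> str:
        code = hotp(self._secret, self._counter)
        self._counter += 1
        return code

    def totp_for(self, time_step: int) -> str:
        # The token cannot compare the step with real time; it computes over what it is given.
        return hotp(self._secret, time_step)


def host_totp(token: ClocklessToken, unix_time: int, period: int = 30) -> str:
    """Host side: derive the RFC 6238 time step from the host clock and send it."""
    return token.totp_for(unix_time // period)


def verify_totp(secret: bytes, code: str, unix_time: int,
                period: int = 30, window: int = 1) -> bool:
    """Server side: accept the current step plus/minus `window` steps of clock drift."""
    now = unix_time // period
    return any(hmac.compare_digest(hotp(secret, now + d), code)
               for d in range(-window, window + 1))
```

Because the time step comes from the host, the validity of a TOTP code depends on the host clock as much as on the token; the verifying server's drift window is what bounds how far a wrong host clock can be off.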
Security Failure of YubiKey
In October 2017, it became known that the CCID application OpenPGP, which is used for the YubiKey 4, among others, is based on Infineon’s faulty RSALib software library, which makes the generation of RSA key pairs directly on the token vulnerable to the ROCA vulnerability. Yubico replaced affected devices with new YubiKeys free of charge.
The plastic housing of the first YubiKey versions, such as YubiKey Neo, could be easily chemically dissolved in boiling acetone. As a result, the PCB was accessible non-destructively. Although no data could be read from NXP Semiconductors’ integrated circuits, a different plastic was used in later generations such as YubiKey 5.