Since 2014, Yubico, Google, NXP, and others have collaborated to develop the Alliance’s standards and protocols, including the new Worldwide Web Consortium’s Web Authentication API. During authentication, the device “proves possession” of the private key by prompting you to enter a PIN code or password, supply a fingerprint, or speak into a microphone. When you register a FIDO2 device with an online service, it creates a key pair: an on-device, offline private key and an online public key. In fact, Yubico claims it’s 4 times faster than typing a password.įIDO2, for the uninitiated, is a standard certified by the nonprofit FIDO Alliance that supports public key cryptography and multifactor authentication - specifically, the Universal Authentication Framework (UAF) and Universal Second Factor (U2F) protocols. (The first to support it was LogMeIn’s LastPass.) NFC might not have BLE’s range, but it’s bound to be faster than fishing around for a USB adapter. In May, Yubico announced an iOS SDK that enables developers to add YubiKey Neo NFC authentication to their apps. “BLE does not provide the security assurance levels of NFC and USB and requires batteries and pairing that offer a poor user experience.”įret not if you’ve got an iOS device, though. “While Yubico previously initiated development of a BLE security key and contributed to the BLE U2F standards work, we decided not to launch the product, as it does not meet our standards for security, usability, and durability,” Ehrensvard wrote in a June blog post. Ehrensvard said that was a conscious decision.
The new YubiKeys support three authentication options: (That’s in addition to crypto algorithms RSA 4096, ECC p256, and ECC p384.) A secure hardware element protects cryptographic keys. Every key in the YubiKey 5 Series, including the new NFC-compatible YubiKey NFC, which supports tap-and-go authentication on compatible PCs and smartphones, supports FIDO U2F, smart card (PIV), Yubico OTP, OpenPGP, OATH-TOTP, OATH-HOTP, and Challenge-Response schemes.
0 kommentar(er)
