FREE ELECTRONIC LIBRARY - Dissertations, online materials

Pages:     | 1 |   ...   | 2 | 3 || 5 |

«Security Now! Transcript of Episode #143 Page 1 of 30 Transcript of Episode #143 YubiKey Description: Steve and Leo delve into the detailed operation ...»

-- [ Page 4 ] --

Okay. Then we have a two-byte, what we call a "session counter." That is a nonvolatile counter, and it counts the number of times the YubiKey is powered up. So if you plug it in, that session counter increments once when the YubiKey powers up. And that's nonvolatile. So it only increments, and it never resets to zero. Next is three bytes of a timestamp. And that's a three-byte counter, 24 bits, that runs at 8Hz. So eight times per Security Now! Transcript of Episode #143 Page 19 of 30 second this three-byte timestamp is counting up. Well, that means that it will run, before it wraps around, it runs for 24 days. And that always starts at zero when you plug it in.

So you plug it in, the session counter, which is two bytes, increments by one. And this timestamp starts running.

Well, this has a number of features. One is it has an anti-phishing feature because it means that they're able to determine when - because essentially you've got time embedded in the YubiKey's output. They're able to determine, that is, the recipient is able to determine for successive outputs during a single session when these were generated by the key. So if anything were to intercept this and impose some interception delay and then try to use it, it contains a timestamp. So by comparing the timestamp received from previous receptions of this YubiKey output, they're able to determine whether these are out of sequence, whether they've been delayed for some reason, because normally the authentication happens in near real-time. You know, you're on a form, you go to the YubiKey field to authenticate, or maybe you've got this all built in, for example, into a, for example, a VPN client. And you press the button, it types the stuff out, then you would submit the form. So there's only, like, a few seconds delay between the time the YubiKey generates its token and the authenticator has it and is able to authenticate. So just, I mean, they had 128 bits to play with. And so from an engineering standpoint they said, well, what cool things can we do with all this face? So they gave us an 8Hz timestamp, so every YubiKey token is timestamped in real-time as it's generated.

Leo: That actually solves a problem that VeriSign has with their football or their little card; right? Because if you're out of sequence, sometimes, occasionally, if you press the key a bunch of times or whatever, you'll have to get back in - they can lose track of the sequence, I guess. Does this solve that?

Steve: Well, actually we've got so many bits. And what we're really doing is encrypting this thing. In fact, all you really want to do is prove that you have the magic 128-bit AES key. So the fact is, just decrypting this and doing a sanity check or...

–  –  –

Steve: That's really all you have to...

Leo: You don't have to match it up. You don't have to generate a matching key or anything like that at all.

Steve: Exactly.

Leo: Oh, I see. So it really is a different technology than the football.

–  –  –

Leo: There's more than a million keys, one hopes, out there, so that's not going to do it.

Steve: Exactly. Okay. So the next byte is a session use byte, just one byte which increments every time you use it during that session. So remember we have the session counter that increments once for the whole power-up cycle. And then the session use byte, it starts at zero for at the beginning of every session. And then it increments. And that's just to make every single one unique, even though the timestamp would also do it.

But the next two bytes is 16 bits of pseudorandom data. So they have a pseudorandom generator that just generates 16 bits of noise that is added in. The reason they do that is that the one concern that you would have in simply encrypting Rijndael or any symmetric cipher block, we've talked about this before, is that this uses what's called ECB mode, Electronic Code Book mode, meaning you simply take the data, and you encrypt 128 bits into 128 bits.

Well, the problem with ECB mode is the so-called "known plaintext attack," meaning that if you ever are encrypting the same data or potentially similar data, there's a theoretical vulnerability, that is, that you could begin to build up a mapping between the plaintext and the encrypted data. So what they do is they throw in this two bytes of pseudorandom data in addition to three bytes of timestamp, which is running at 8Hz.

That's much faster even than you're able to emit these key output. So there's a lot of randomness in those two things. Or at least nondetermination. And then they have the pseudorandom bytes. And, finally, a 16-bit, two-byte CRC, a Cyclic Redundancy Check, which applies to the entire block.

So the idea would be you receive one of these things, which is this funky mod hex code.

You translate each of the 16 different characters in the alphabet into four bits. That gives you 128 bits. Then you look up the key's secret 128-bit Rijndael symmetric key. You decrypt that 128 bits into this data that I've just described. So now you have the device's unique ID, six bytes; the session counter; the timestamp; the session use byte; then the two pseudorandom bytes that you ignore. But you do run all that through the CRC just as a sanity check to make sure that you have probably decrypted something that is valid and that there was no data loss or corruption at any point. And then you've got all this information about the YubiKey, that is, how many times it's been used in that session, a sense of the time flow during that session, and you can use that to authenticate and to provide various forms of anti-spoofing protection.

Leo: Very cool. Somebody asked in the chatroom if a keystroke logger could capture these keystrokes.

Steve: Absolutely. And I'd be happy to read mine out to anyone who wants.

–  –  –

Steve: Yes. Exactly. It is a one-time key. And again, oh, I forgot to mention, that session counter that is two bytes, they actually have stolen the top bit from it. So it's only 15 bits, meaning that it runs up to a maximum of 32767. It starts at zero. When it gets to the maximum of 32767, it stops, and the YubiKey dies. So that's one thing worth noting.

Leo: Wait a minute, say that again? It can only generate how many?

Steve: No, no. That's what's cool. It's not about - it's how many sessions it can have.

That is, it counts - it's a 15-bit counter. So it counts up to 32767.

–  –  –

Steve: A session is when you power this thing up.

Leo: Ah. So you would have to unplug it and plug it in again to start over.

Steve: Exactly. Well, no...

Leo: Big deal. You're not going to use 15,000 sessions.

Steve: No no no. No. Now, remember that the key is - this is a one-time password generator. Therefore that session counter can never be allowed cryptographically to wrap around to zero because that's where it started. And although...

Leo: It would repeat passwords.

Steve: Exactly.

Leo: So are you saying that after 15,000 passwords this stops working?

Steve: No no no. It's very important that people understand this. First of all, it's 32,000.

It's 32,000 sessions.

–  –  –

Leo: And you're saying a session begins when you power it up. So it sounds like every time you unplug and plug it in, that's a new session?

Steve: That is correct.

Leo: Okay. So you wouldn't want to unplug it and plug it in.

Steve: Well, consider that that's a big number. First of all, that's 10 times a day for nine years.

Leo: Okay. Never mind, then. We won't worry about it.

Steve: Well, and imagine that this thing takes off. For example, you're using it as your OpenID token.

Leo: Which means you'd probably want to leave it plugged in.

Steve: That's my point is you're - or you're using it to authenticate yourself to your bank and your corporation and so forth.

Leo: So before you get to work, you sit down, you plug it in, and you press that button whenever you need it, and you unplug it at the end of the day.

Steve: Precisely.

Leo: You're not going to use - how many per session do you get? Is it...

Steve: No, it's infinite. There's no limit on the number of keys you can generate per session.

Leo: Oh, okay. Then forget it. Then it's not a big deal.

Steve: And the other reason that this is important is, remember, we know about nonvolatile RAM not lasting forever. That is...

Leo: So it's not writing to the RAM, or the EPROM. It's reading from the PROM.

–  –  –

changing. So they did need to protect against the standard NV RAM fade, because we've talked about how some nonvolatile RAM you can only write to 10,000 times. Some is 100,000. Well, in this case, from an engineering standpoint they knew that the nonvolatile portion of this would be aging as it's counting sessions. So exactly as you said, Leo, I mean, imagine that the typical use might be you plug it into your laptop, turn your laptop on, a little green light comes up. And then during your use of the laptop over the course of several hours, any time you needed to authenticate to an OpenID site you would just reach down and put your finger on the little touch surface, and it would emit a YubiKey token.

–  –  –

Steve: It is really neat.

Leo: You know, I use - and actually it's interesting, our new office manager, Frederique, said is it okay if I plug in my RoboForm. She has, and I use this, too, RoboForm AI has a USB version. So you plug it in, and your passwords are on there and authenticated. And it's a very nice system. But so it's the same idea. I think people are already used to this. But this is so much slicker and so much secure.

Steve: Well, yeah. I mean, it is absolutely secure. You cannot get the YubiKey to tell you its secret 128-bit AES key. All you can get it to do is to spit out unique tokens which only have meaning if the authentication end already has the key. And what I was so pleased about as Yubico's concept of what they were going to do with this evolved is, I mean, and they even changed the language on the website in the last couple weeks because there was language about, well, you know, the keys you're buying from them now are evaluation only, and they'll expire. All of that's gone. That was, you know, they weren't sure what business model they wanted to have. And they've settled on, okay, we're going to sell these keys.

Leo: They picked the right model, I think; don't you?

Steve: Oh, I mean, it's why I'm so excited about this. Leo, I can't - there's no way that VeriSign will tell me the algorithm that they use in their footballs or their cards.

Therefore I cannot...

–  –  –

substantial cost associated with using that kind of big corporate authentication solution.

And it's, I mean, VeriSign's model is we're going to be - we have a big network. We're not going to go down. You can trust us to be up all the time. And it's like, well, okay. But it does limit the applications. Here Yubico tells you everything you need to know. I mean, it's why I love it. I mean, I love crypto, and I love authentication. Now I've got these keys that I can use for any purpose I want. I mean, Sue, Greg, and I are going to use this to access...

Leo: So you're going to do it. You're going to implement it.

Steve: Absolutely.

–  –  –

Steve: Well, it is immediately an OpenID.

Leo: You know what I thought it would be really good for? Now, we're not probably going to do this. But if you wanted to do a paid, say, paid podcast, a paid show, somebody could subscribe, and you'd mail them, they're cheap enough, you could mail them a YubiKey.

–  –  –

Leo: And they couldn't watch it without the YubiKey. And it's kind of - I don't want to say, I'm not recommending it for DRM. But it could be the ultimate DRM.

Steve: Well, as a matter of fact one of the applications that Stina mentioned is the idea of for online gaming or even for downloadable games. It ends up being a very painless hardware key where you would allow people then to download updates and download the software which won't work until they authenticate with their YubiKey.

Leo: So now it's gone clean out of my head. I thought of some negatives about this.

I mean, I guess one negative would be if you lose it there's no way they can give you a replacement; right?

Steve: That is correct. Now, I did want to mention my concern over the idea of this 32,000 sessions, or days, or however you would use it. The comment's been made that if this thing is on your key ring, and you're putting it in, pulling it out, putting it in, pulling it out, it probably mechanically degrades.

–  –  –

Steve: Exactly. And so at some point it's looking kind of ragged. And so you would tell your IT department, hey, you know, my YubiKey's chipping off, and my dog chewed on it, and can I have a replacement, please.

–  –  –

Steve: Well, oh, that's no problem at all. Or if you lost it. You'd report it lost the way you would a credit card, and they'd just cancel it. They'd just hand you another one for, I mean, I didn't go through her whole price list. But at a million quantity, I mean, I guess a large corporation that wanted to standardize on this, they're $5 each.

Leo: Okay. Which is what the football costs from PayPal. And they're subsidizing it.

Steve: Well, yes. Now, I do want to say that one downside, it's worth mentioning, is that the football and the credit card, that is, the two visual numeric ID solutions, because they don't use any kind of electrical interface, they could be used for authentication over the phone or at a...

Leo: Right. You have to manually enter the number or speak it, but you can do that.

You couldn't do that with the YubiKey.

Steve: Or like in some sort of a, like a Windows kiosk or something where you don't have access to the physical machine. So one limitation is it is, being a USB thing, it's for an end-user who has a computer and has access to that computer's USB ports. Someone in the, I think they have an FAQ on their site where they said, well, wait, my USB ports are all on the back of my desktop. I can't get to them. And the answer...

–  –  –

Pages:     | 1 |   ...   | 2 | 3 || 5 |

Similar works:

«THE FIRST 22 YEARS OF THE PALMERSTON NORTH TRAMPING AND MOUNTAINEERING CLUB 1965 TO 1987 A brief history of the club’s activities over this period. Produced by Terry Crippen, Trevor Bissell, Linda Rowan, Kevin Pearce, Jenny Dymock, Keith Potter, Peter Darragh and Peter Wiles. Prepared to compliment the weekend of social and tramping activities held at Rangiwahia 12-14th February 1988 to celebrate the Club’s Coming of Age. P.N.T.M.C. P.O. Box 1217 Palmerston North New Zealand THE FIRST 22...»

«Nasser in the Egyptian Imaginary Omar Khalifah Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy In the Graduate School of Arts and Sciences COLUMBIA UNIVERSITY 2013 © 2013 Omar Khalifah All rights reserved ABSTRACT Nasser in the Egyptian Imaginary Omar Khalifah This dissertation examines the representations of late Egyptian President Gamal ‘Abdel Nasser (1918-1970) in Egyptian literature and film. It focuses on how the historical character of Nasser...»

«© 2012 History Higher – Paper 1 Finalised Marking Instructions  Scottish Qualifications Authority 2012 The information in this publication may be reproduced to support SQA qualifications only on a non-commercial basis. If it is to be used for any other purposes written permission must be obtained from SQA’s NQ Delivery: Exam Operations. Where the publication includes materials from sources other than SQA (secondary copyright), this material should only be reproduced for the purposes of...»

«International Journal of Accounting Information Systems 12 (2011) 99–115 Contents lists available at ScienceDirect International Journal of Accounting Information Systems Event study methodologies in information systems research Yaniv Konchitchki 1, Daniel E. O'Leary ⁎ University of Southern California, United States article info abstract Event studies are based on the theoretical framework of efficient capital Article history: Received 19 August 2010 markets and the notion that security...»

«Scallen 1 Table of Contents Acknowledgments 2 Introduction 3 Chapter One: Things of A Historical Nature 12 Chapter Two: Bitch Products 20 2.1: Product Group A 21 2.2: Product Group B 32 2.3: Product Group C 41 Chapter Three: Wrapping It All Up with a Pretty Little Bow 50 List of Figures 56 Bibliography 57 Scallen 2 Acknowledgments So, so many thank you-s are due. First and foremost, to dearest Mom, without whom this thesis would be horrendously un-edited and ridiculously grammatically...»

«United States Department of the Interior National Park Service / National Register of Historic Places Registration Form NPS Form 10-900 OMB No. 1024-0018 Hodges Gardens Sabine Parish, Louisiana Name of Property County and State   4. National Park Certification I hereby certify that the property is: _ entered in the National Register _ determined eligible for the National Register _ determined not eligible for the National Register _ removed from the National Register _other, explain: _...»

«History of the Vegetable Drugs of the U.S.P. J. U. Lloyd Page 1 The Southwest School of Botanical Medicine http://www.swsbm.com INTRODUCTION. Together with his brother, Mr. C. G. Lloyd, the writer began, in 1884, a quarterly publication entitled Drugs and Medicines of North America1, with the object of considering, consecutively, the American remedial agents then in use by members of the various professions of medicine in America. It was planned to give the historical record of every American...»

«Click here to order the book or the accompanying PowerPoint (http://www.sundayschoolcourses.com/monastic/monastic.htm) A Brief History of Western Monasticism Written by Robert Jones Acworth, Georgia  2000, 2009 Robert C. Jones Christian Theology and History Adult Sunday School Courses Robert Jones www.sundayschoolcourses.com I’ve always been a strong believer in adult Sunday School classes and Bible studies in our churches. And many churches have quality, Biblically-based adult-focused...»

«InDepth Notes on Thrill Me book, music & lyrics by Stephen Dolginoff Diversionary Theatre April 24 – May 25, 2014 Notes written and compiled by Anthony Methvin Literary Associate at Diversionary Theatre Table of Contents Playwright Biography and Production History “The Creator of Thrill Me is Thrilled Himself” by Andy Humm Stories That Can Evoke Conflicting Emotions: A Q&A with Thrill Me Director Bret Young Leopold and Loeb: Queer Facts and Coded Fictionalizations Exploring the Dark Side...»

«OVERVIEW OF MORTARS FOR CANADIAN HISTORIC STRUCTURES G.T. Suter1, C.P. Borgal2, and K. Blades 3 ABSTRACT Mortar for historic structures must comply with good conservation principles and be compatible with the historic fabric as far as feasible; it must also be appropriate for the material to be bonded and its service conditions. Good conservation principles dictate that mortar be not too strong and be the sacrificial material rather than the masonry unit. In Canada, three types of mortar are...»

«Men and Manliness on the Frontier: Queensland and British Columbia in the Mid-Nineteenth Century A thesis submitted for the degree of Doctor of Philosophy at the University of Queensland in July 2007 Robert Paul Hogg, B.Bus. Comm., Grad. Dip. Bus. Admin., MBA, MA School of History, Philosophy, Religion and Classics Except where acknowledged in the customary manner, the material presented in this thesis is, to the best of my knowledge, original and has not been submitted in whole or in part for...»

«Biskop Atle Sommerfeldt: Visitasforedrag Sarpsborg 12.10.2014 En inkluderende by gjennom 1000 år Sarpsborg har vært et pulserende sentrum helt siden området steg opp av havet for 7000 år siden. Den første bosetningen oppstod i krysset der raet møter fossen. På den fruktbare morenejorden på sørsiden av raet, ble Norges eldste gårder grunnlagt. Ikke noe sted i Norge finner vi en så rik arv med fornminner som i Sarpsborg kommune med gravfelt fra bronsealderen og det religiøse...»

<<  HOME   |    CONTACTS
2016 www.dissertation.xlibx.info - Dissertations, online materials

Materials of this site are available for review, all rights belong to their respective owners.
If you do not agree with the fact that your material is placed on this site, please, email us, we will within 1-2 business days delete him.