... | @@ -207,7 +207,7 @@ N/A |
... | @@ -207,7 +207,7 @@ N/A |
|
|
|
|
|
The YubiKeys keep private cryptographic information embedded in the
|
|
The YubiKeys keep private cryptographic information embedded in the
|
|
key, for example RSA keys for the SSH authentication mechanism. Those
|
|
key, for example RSA keys for the SSH authentication mechanism. Those
|
|
keys are supposed to be impossible to extract from the Yubikey, which
|
|
keys are supposed to be impossible to extract from the YubiKey, which
|
|
means they are also impossible to backup.
|
|
means they are also impossible to backup.
|
|
|
|
|
|
## Queues
|
|
## Queues
|
... | @@ -317,8 +317,8 @@ the secret key material is available on the backup YubiKey. |
... | @@ -317,8 +317,8 @@ the secret key material is available on the backup YubiKey. |
|
|
|
|
|
## Other documentation
|
|
## Other documentation
|
|
|
|
|
|
* [Anarcat's old (2015) Yubikey howto](https://anarc.at/blog/2015-12-14-yubikey-howto/)
|
|
* [Anarcat's old (2015) YubiKey howto](https://anarc.at/blog/2015-12-14-yubikey-howto/)
|
|
* [A Yubikey cheatsheet](https://debugging.works/blog/yubikey-cheatsheet/)
|
|
* [A YubiKey cheatsheet](https://debugging.works/blog/yubikey-cheatsheet/)
|
|
* [TPA-RFC-53][] and [discussion ticket](https://gitlab.torproject.org/tpo/tpa/team/-/issues/41083)
|
|
* [TPA-RFC-53][] and [discussion ticket](https://gitlab.torproject.org/tpo/tpa/team/-/issues/41083)
|
|
|
|
|
|
[TPA-RFC-53]: policy/tpa-rfc-53-security-keys
|
|
[TPA-RFC-53]: policy/tpa-rfc-53-security-keys
|
... | @@ -347,16 +347,16 @@ were compromised by hacking into key people's accounts and destroying |
... | @@ -347,16 +347,16 @@ were compromised by hacking into key people's accounts and destroying |
|
critical data or introducing vulnerabilities in their software. Those
|
|
critical data or introducing vulnerabilities in their software. Those
|
|
organisations had 2FA enabled, but attackers were able to bypass that
|
|
organisations had 2FA enabled, but attackers were able to bypass that
|
|
security by hijacking their phones, which is why having a
|
|
security by hijacking their phones, which is why having a
|
|
cryptographic token like a Yubikey is important.
|
|
cryptographic token like a YubiKey is important.
|
|
|
|
|
|
We also don't necessarily provide people with the means to more
|
|
We also don't necessarily provide people with the means to more
|
|
securely store their (e.g. SSH) private keys, used commonly by
|
|
securely store their (e.g. SSH) private keys, used commonly by
|
|
developers to push and sign code. So we are considering buying a bunch
|
|
developers to push and sign code. So we are considering buying a bunch
|
|
of Yubikeys, bringing them to the next Tor meeting, and training
|
|
of YubiKeys, bringing them to the next Tor meeting, and training
|
|
people to use them.
|
|
people to use them.
|
|
|
|
|
|
There's all sorts of pitfalls and challenges in deploying 2FA and
|
|
There's all sorts of pitfalls and challenges in deploying 2FA and
|
|
YubiKeys (e.g. "i lost my yubikey" or "omg GnuPG is hell"). We're not
|
|
YubiKeys (e.g. "i lost my YubiKey" or "omg GnuPG is hell"). We're not
|
|
going to immediately solve all of those issues. We're going to get
|
|
going to immediately solve all of those issues. We're going to get
|
|
hardware into people's hands and hopefully train them with U2F/FIDO2
|
|
hardware into people's hands and hopefully train them with U2F/FIDO2
|
|
web 2FA, and maybe be able to explore the SSH/OpenPGP side of things
|
|
web 2FA, and maybe be able to explore the SSH/OpenPGP side of things
|
... | @@ -384,7 +384,7 @@ successfully attack the Tor project. |
... | @@ -384,7 +384,7 @@ successfully attack the Tor project. |
|
### Future work
|
|
### Future work
|
|
|
|
|
|
Ideally, there would be a rugged *and* open-hardware device that could
|
|
Ideally, there would be a rugged *and* open-hardware device that could
|
|
simultaneously offer the tamper-resistance of the Yubikey while at the
|
|
simultaneously offer the tamper-resistance of the YubiKey while at the
|
|
same time providing an auditable hardware platform.
|
|
same time providing an auditable hardware platform.
|
|
|
|
|
|
## Technical debt and next steps
|
|
## Technical debt and next steps
|
... | | ... | |