[lug] GitHub+Yubico, FIDO U2F token discount

Tue Oct 6 16:43:30 MDT 2015

Yes, I agree. The scripting interface to the blob signing in the FIDO U2F is 
more exposure than we see on some other devices like classic Yubikeys, which 
output a synchronous OTP string that doesn't depend on a challenge.

Of course, users will see and generalize on the case shape plus interface (the 
golden touch button). ;)  That's actually a training and usability benefit for 
present Yubikey users, if server operators and organizations can normalize or 
cover the change in risk by other means.

The cost delta between a FIDO U2F-only Yubikey and a classic Yubikey, in bulk, 
is about $5/seat. So maybe that's the top end of the budget for the "other means."

When stepping up from an SMS 2nd factor on GitHub (or on Google Apps for *), 
an in-hand FIDO U2F token can be a net improvement in terms of availability. 
That may counterbalance the difference in risk between using a telco channel 
for SMS delivery and the touch-initiated blob signing.

Rich

On 2015-10-05 15:22, Davide Del Vento wrote:
> The section "Client Malware Interactions with U2F Devices" for one.
> The untold mechanisms by which the data is passed to the token for
> signing is another (related to the previous one).
> Some of the MITM which are not covered are the (least concerning)
> ones. And I'd expect more if I had time to read it more carefully than
> I did.
>
> In other words, (other than the UI) this does not seem to be much
> different than signing your own piece of text with your private key
> fully in software, with all the corresponding good and bad. My biggest
> concern is that in the UI documentations all of this is lost, and I
> fear users could be misled into thinking "only I have this thing,
> therefore I'm 100% secure as long as I don't lose it", which of course
> isn't true.
>
> FWIW, I'm not in any way claiming that I could do better, just saying
> things which we "tech people" should be aware of.
>
>
> On Mon, Oct 5, 2015 at 2:49 PM, Quentin Hartman <qhartman at gmail.com> wrote:
>> I haven't yet read that doc in detail since I'm at work, but where do you
>> think the security is lacking?
>>
>> On Mon, Oct 5, 2015 at 2:31 PM, Davide Del Vento
>> <davide.del.vento at gmail.com> wrote:
>>>
>>> That wasn't what I was looking for, but it lead me to
>>>
>>> https://fidoalliance.org/specs/fido-u2f-v1.0-nfc-bt-amendment-20150514/fido-u2f-overview.html
>>> which still isn't what I am looking for, but contained much more tech
>>> details than anything I've seen before. I still have questions, and
>>> the document demonstrates that this isn't as secure as I thought it
>>> was, but it's still progress.
>>> Thanks
>>> Davide
>>>
>>> On Mon, Oct 5, 2015 at 12:26 PM, Quentin Hartman <qhartman at gmail.com>
>>> wrote:
>>>> This might be what you are looking for:
>>>> https://fidoalliance.org/specifications/overview/
>>>>
>>>> On Mon, Oct 5, 2015 at 12:03 PM, Davide Del Vento
>>>> <davide.del.vento at gmail.com> wrote:
>>>>>
>>>>> Hey Rich,
>>>>>
>>>>> The special github yubikeys are totally sold out, but there is 20% off
>>>>> any regular yubikey. I'm familiar with the yubikey OTP, but I'm not
>>>>> with this FIDO U2F. At first is sounded to me like it is just a really
>>>>> long, second password that you don't have to type (like the OTP is the
>>>>> first, equally long password, that you don't have to type and second,
>>>>> it changes every time). But then it says something like "it performs
>>>>> cryptographic functions triggered by a simple touch of the key [...]
>>>>> required for login", which sounded OTP-like but based on an input
>>>>> instead of an implicit sequence count. I could not find any decent
>>>>> documentation about this, do you have any recommended readings? For
>>>>> example, how is this input sent to the yubikey? What is it really
>>>>> about? How can be that "you have an unlimited number of U2F
>>>>> credentials on these YubiKeys that support the U2F protocol" as the
>>>>> FAQ says?
>>>>>
>>>>> Thanks,
>>>>> Davide
>>>>>
>>>>> On Sun, Oct 4, 2015 at 12:17 PM, Richard Johnson <rdump at river.com>
>>>>> wrote:
>>>>>> If you participate in open source projects that use GitHub, or you're
>>>>>> even a
>>>>>> bit of a crypto geek, this is a cool opportunity for an inexpensive
>>>>>> but
>>>>>> quite durable [1] hardware 2nd factor.
>>>>>>
>>>>>>    https://www.yubico.com/github-special-offer/
>>>>>>
>>>>>>
>>>>>>
>>>>>> http://www.wired.com/2015/10/github-moves-past-password-make-open-source-secure/
>>>>>>
>>>>>> GitHub has announced they're supporting FIDO U2F as a 2nd factor on
>>>>>> logins
>>>>>> to their web service. It's working now via recent versions of
>>>>>> Chromium/Chrome only, but Mozilla has an open feature issue for
>>>>>> adding
>>>>>> support.
>>>>>>
>>>>>> Even better, they have a serious discount ($5+$5 shipping) on
>>>>>> Yubico's
>>>>>> otherwise $18 FIDO U2F-only USB tokens (complete with OctoCat logo so
>>>>>> you
>>>>>> can tell them apart ;) ). They'll be usable on GitHub and
>>>>>> increasingly
>>>>>> widely beyond.
>>>>>>
>>>>>> While I'm still wanting a fully open source s/w + h/w implementation
>>>>>> of
>>>>>> FIDO
>>>>>> U2F on a secure base (Nitrokey, eventually?), this will do for now.
>>>>>> $5
>>>>>> is in
>>>>>> "might as well get some to experiment with" range for me.
>>>>>>
>>>>>>
>>>>>> Rich
>>>>>>
>>>>>> -------
>>>>>> [1] I once found a lost basic Yubikey after it had spent 3 weeks
>>>>>> freezing
>>>>>> every night in a puddle of muddy snowmelt. It still works fine. These
>>>>>> Yubico
>>>>>> FIDO U2F models have the same construction.
>>>>>> _______________________________________________
>>>>>> Web Page:  http://lug.boulder.co.us
>>>>>> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>>>>>> Join us on IRC: irc.hackingsociety.org port=6667
>>>>>> channel=#hackingsociety
>>>>> _______________________________________________
>>>>> Web Page:  http://lug.boulder.co.us
>>>>> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>>>>> Join us on IRC: irc.hackingsociety.org port=6667
>>>>> channel=#hackingsociety
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Web Page:  http://lug.boulder.co.us
>>>> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>>>> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>>> _______________________________________________
>>> Web Page:  http://lug.boulder.co.us
>>> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>>> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>>
>>
>>
>> _______________________________________________
>> Web Page:  http://lug.boulder.co.us
>> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>