Background
Because security is never stronger than its weakest link, we have considered the full life cycle of two-factor authentication, from manufacturing to operation in a deployed system. The core security components of the YubiKey are summarized below.
FIPS certification
Third-party validation of implemented security is very important. We are in the process of FIPS 140-2 certification, validating that the design and security functionality meet the highest security standard.
Hardware two-factor authentication
With the YubiKey, sensitive key information is moved out of the computer, providing the user with strong two-factor authentication that combines something you know (a PIN or password) with a physical device generating encrypted one-time passwords which cannot be hacked remotely. An external physical device offers a significantly higher level of security than a software authentication token, regardless of whether the software is stored on a mobile device or a computer.
AES encryption
The YubiKey OTP uses a 128-bit key with the state-of-the-art AES encryption algorithm, the same algorithm used by the U.S. military and governments around the world.
Full strength pass code
Standard LCD tokens are limited to a truncated 8-digit pass code, as it is not feasible for users to re-type longer passwords read from a display. Because the YubiKey automatically enters the pass code for you, the pass code can be much longer. We have chosen the full 128-bit key strength, represented as a one-time pass code of 32 modhex characters, offering several orders of magnitude higher security than 8 digits. (As a comparison of resistance to brute-force attacks, 8 digits represent 100 million combinations to brute force, while 128 bits offer a “whopping” 3,402,823,669,209,384,634,633,746,074,317.7 times 100 million combinations to try!)
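The 32-character modhex representation described above, shown as an added example that is not Yubico's own code: a strict decoder for the 128-bit block and an exact check of the brute-force comparison. The alphabet is the published modhex alphabet; the function names and the sample string are constructed for illustration.

```python
"""Modhex codec for the 32-character OTP block (added example)."""

MODHEX = "cbdefghijklnrtuv"   # modhex character i stands for hex digit i
HEX = "0123456789abcdef"
_TO_HEX = str.maketrans(MODHEX, HEX)
_TO_MODHEX = str.maketrans(HEX, MODHEX)
OTP_BLOCK_CHARS = 32          # 32 modhex chars = 16 bytes = 128 bits


def modhex_decode(text: str) -> bytes:
    """Decode modhex to bytes, rejecting anything outside the alphabet."""
    if len(text) % 2:
        raise ValueError("modhex string must have an even length")
    bad = set(text) - set(MODHEX)
    if bad:
        raise ValueError(f"non-modhex characters: {sorted(bad)}")
    return bytes.fromhex(text.translate(_TO_HEX))


def modhex_encode(data: bytes) -> str:
    """Encode bytes as modhex, two characters per byte."""
    return data.hex().translate(_TO_MODHEX)


def parse_otp_block(otp: str) -> bytes:
    """Validate a pass code as exactly 32 modhex characters and return
    the 16-byte (128-bit) block it represents."""
    otp = otp.strip()         # drop surrounding whitespace such as a newline
    if len(otp) != OTP_BLOCK_CHARS:
        raise ValueError(f"expected {OTP_BLOCK_CHARS} characters, got {len(otp)}")
    return modhex_decode(otp)


def keyspace_ratio(bits: int = 128, digits: int = 8) -> tuple[int, int]:
    """Exact quotient and remainder of 2**bits divided by 10**digits."""
    return divmod(2 ** bits, 10 ** digits)


if __name__ == "__main__":
    sample = modhex_encode(bytes(range(16)))   # constructed sample, not a real OTP
    print(sample, parse_otp_block(sample + "\n").hex())
    print(keyspace_ratio())
```

Rejecting malformed input before any decryption is attempted keeps length and character-set errors out of the cryptographic path.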
Unique time variant code
The YubiKey has no battery but features a built-in clock that is powered from the USB port. This clock can be used to measure the time between two OTPs, verifying user presence and that pre-recorded OTPs cannot be used.
Technical transparency
All Yubico server software components are open source, with no hidden weaknesses and available to be scrutinised by the public.
Secure manufacturing process
The YubiKey is manufactured in Sweden, in a fully access automated process, using YubiHSM technology to ensure that no staff or IT administrators can have access to encryption keys.
Easy to program own secrets
The YubiKey requires no special hardware for programming, enabling you to easily program and control your own encryption keys. If required, Yubico offers optional password write protection of the settings, but all YubiKeys sold on our web store can be re-programmed. For security reasons, Yubico firmware is not upgradable; the YubiKey is a write-only device, and the encryption key can never be read out from it.
Tamper proof casing
The YubiKey is based on standard components, high-pressure moulded into plastic, making it practically impossible to tamper with. If tampered with, it requires sophisticated equipment to read out the secrets, and this cannot be done without physically destroying the device. Each YubiKey is seeded individually, so any breach would affect that unique YubiKey only; there is no systemic breach. If lost or stolen, the user administrator can easily disable the YubiKey so that it can no longer be used.
For more information on Yubico security, see Yubico Documentation.
