source

Introduction and Disclaimer

Hello my fellow tech-guys. This entry marks the start of my new series on Yubikeys. It will be a step-by-step guide, starting from buying the device online and ending in descriptions of various use-cases in your daily tech-life. Please keep in mind that online security and cryptography are very delicate topics and I do not claim to be an expert. Do not simply believe what you read here, but think critically about it and try to verify it with other sources. I am not going to take any responsibility if anything goes wrong, neither from mistakes on your part, nor based on wrong explanations or claims from me.

Part 1: The Basics

I was planning to make this post about what a Yubikey is, but it soon became evident that I would have to explain so many concepts along the way, that the overall idea would be lost. Because of that, I decided to postpone the details and instead try to write down a list of important concepts and explain them as clearly as possible.

The Concept of Public-/Private-Key Security

Imagine you want to send your friend on the other side of the world a very secret message. How do you make sure no one can read the message except your friend?

I'll go ahead and guess that you thought something like: Use a password to encrypt the message. Very good. But how do you make sure that your friend, who is literally on the other side of the planet, knows what password to use? The only way to achieve this really is to fly over there yourself and tell your friend the password. Any other way (like over telephone, mail, ...) there will always be a chance that someone in the middle will get wind of your password. Another problem with this approach is usually the complexity of the password. If it is easy enough to be remembered, chances are it is not strong enough, at least not by a long shot. If the password is very complex on the other hand, you will have to write it down somewhere, which in turn will create another opportunity for the password to be stolen.

Luckily there is an alternative called asymmetric encryption (in contrast to the method above which is called symmetric encryption). The mathematical details are fairly complex, but imagine it this way: Your friend creates a very good lock (think of a padlock) and a key to this lock. He will keep the key to himself at all times (this key is what is called a private key). But he can send you a copy of the open lock (the public key). In fact he can send this open lock to anyone, he can even publish it on the internet, because everything anyone will ever be able to do with it is lock messages that only your friend can open. All you need to do now is to take your friend's lock (which is open) and use it to lock your secret message with (think of closing the padlock without having the key to open it again). As soon as the lock is closed, even you yourself will no longer be able to open the message. Only your friend who possesses the key can open it. This way you can send your secret message, without the need for another safe communications-channel to transmit a password.

Read about it in more depth here: Wikipedia

How to Guard the Private Key

One of the bigger problems with asymmetric encryption is that after all is said and done your private key is basically nothing else than a really long and complex password. So complicated that you will never ever be able to memorize it, which essentially means that you will have to write it down, or more likely store it in a file on a computer. If your computer ever gets hacked or otherwise compromised (maybe you don't even notice that something is spying on your system), your messages are no longer safe.

The common way to mitigate this problem is to use a symmetric password to encrypt the private key whenever it is not in use. This can work, but again the problem with memorable passwords: They usually are not strong enough. And even if you use a very good password, who can guarantee you that in those moments when you actually use the private key (and therefore decrypt it) it does not get stolen by some clever spyware?

The only way to prevent all of these scenarios is to store the private key on an external device that has no network access, and to have that device perform all cryptographic operations for you. This way it is only possible to compromise your key by physically stealing this external device. And even then, the device could easily be designed to only work after a PIN has been entered, and to brick itself after too many wrong PIN entries. Sounds familiar? Yes, it reminds you of your credit card, which brings me to the topic of smart cards.

Smart Cards

Usually smart cards are simply small computer chips that are fixed to some sort of carrier. You know them from SIM- and credit cards for example. They are programmed with some sort of private key, and have some interface which which they can be connected to a computer, smartphone, ATM or whatever. Every time the parent computer wants to do something with this private key that is stored on the smart card, it will send the data to the chip on the card, which will then perform the requested operation and send the result back to the computer.

So smart cards are a very nice thing to have, why not just use them? The problem with smart cards is usually that they need special card readers (think of the terminals you plug your credit card in) as well as dedicated software drivers. This is why usually you will find smart cards used for authentication or encryption only in very large companies.

More about smart cards here: Wikipedia

The Yubikey

Ok, now that you understand all of the above ideas it is really simple to explain the idea behind Yubikeys:

1. Pick a smart card chip (without the plastic carrier)
2. Combine it with a chip that behaves as a smart card reader
3. Add a USB interface
4. Design the whole thing to be of the size of a house-key
5. Call it Yubikey!

In other words: A Yubikey is a smart card with its own card reader and a USB interface. All a user needs to do to use it is plug it into a free USB slot on his computer. After the Yubikey is programmed with a private key, this key will never ever under any circumstance leave the chip. All encryption/authentication happens directly in the hardware of the Yubikey.

Find out more about Yubikeys here: Yubico.com

Next Time

In the next post of this series I will try to give you a list of all the things you can do with a properly configured Yubikey. Stay tuned!