Introduction
Scope
The aim of this document is to describe how to configure and use the YubiKey 5 in a mode such that it is compliant with CSPN (“Certificat de Sécurité de Premier Niveau” [RD1]).
For each YubiKey application which will require specific configuration, there will be a short introduction, followed by the required settings to achieve the target, and finally, a technical description of the configuration itself.
References
Acronyms
| Acronym | Description |
|---|---|
| 2FA | Two-Factor Authentication |
| AES | Advanced Encryption Standard |
| BSI | Bundesamt für Sicherheit in der Informationstechnik |
| CC | Common Criteria |
| CCID | Chip Card Interface Device |
| CSPN | Certificat de Sécurité de Premier Niveau |
| CTAP2 | Client to Authenticator Protocol v2 |
| DES | Data Encryption Standard |
| FIDO | Fast Identity Online |
| HMAC | Hash-Based Message Authentication Code |
| HOTP | HMAC-Based One Time Password |
| NIST | National Institute of Standards and Technology |
| OATH | Open AuTHentication |
| OTP | One Time Password |
| PIV | Personal Identity Verification |
| PBKDF2 | Password Based Key Derivation Function |
| PIN | Personal Identification Number |
| PIV | Personal Identity Verification |
| PUK | PIN Unblocking Key |
| SHA | Secure Hash Algorithm |
| TOTP | Time-Based One Time Password |
| U2F | Universal Second Factor |
| RFC | Request For Comments |
| W3C | World Wide Web Consortium |
To get in touch with Yubico Support, click here.