Introduction
Scope
The aim of this document is to describe how to configure and use the YubiKey 5 in a mode such that it is compliant with CSPN (“Certificat de Sécurité de Premier Niveau” [RD1]).
For each YubiKey application which will require specific configuration, there will be a short introduction, followed by the required settings to achieve the target, and finally, a technical description of the configuration itself.
References
Acronyms
Acronym | Description |
---|---|
2FA | Two-Factor Authentication |
AES | Advanced Encryption Standard |
BSI | Bundesamt für Sicherheit in der Informationstechnik |
CC | Common Criteria |
CCID | Chip Card Interface Device |
CSPN | Certificat de Sécurité de Premier Niveau |
CTAP2 | Client to Authenticator Protocol v2 |
DES | Data Encryption Standard |
FIDO | Fast Identity Online |
HMAC | Hash-Based Message Authentication Code |
HOTP | HMAC-Based One Time Password |
NIST | National Institute of Standards and Technology |
OATH | Open AuTHentication |
OTP | One Time Password |
PIV | Personal Identity Verification |
PBKDF2 | Password Based Key Derivation Function |
PIN | Personal Identification Number |
PIV | Personal Identity Verification |
PUK | PIN Unblocking Key |
SHA | Secure Hash Algorithm |
TOTP | Time-Based One Time Password |
U2F | Universal Second Factor |
RFC | Request For Comments |
W3C | World Wide Web Consortium |
To get in touch with Yubico Support, click here.