Protocols and Applications

The YubiKey 5 Series provides applications for a wide variety of authentication options: FIDO2, OATH, OpenPGP, OTP, Smart Card, U2F. The applications are all separate from each other, with separate storage for keys and credentials. This section references enhancements provided by the YubiKey 5.4.X firmware.

For information on managing these applications, see Tools and Troubleshooting.

FIDO2

The FIDO2 standard offers the same high level of security as FIDO U2F, since it is based on public key cryptography. In addition to providing phishing resistant two-factor authentication, the FIDO2 application on the YubiKey allows for the storage of resident credentials. As the resident credentials can accommodate the username and other data, this enables truly passwordless authentication on sites and applications that support the WebAuthn protocol. YubiKeys in the 5 Series can hold up to 25 resident keys.

FIDO2 support is available to the iPad Pro via the USB-C or Lightning® connectors of the YubiKey 5Ci. FIDO2/WebAuthn can be achieved over USB-C using any of the following options:

  • ASWebAuthenticationSession
  • SFSafariViewController
  • Redirect to Safari browser

For more details on support for the iPad Pro, see iPad and iPad Pro below. To see which U2F/FIDO2 security keys currently work with iOS/iPadOS 13.3+ devices using the Safari browser in combination with apps using SFSafariViewController or ASWebAuthenticationSession, see Supporting U2F or FIDO2 Security Keys on iOS or iPadOS | Security Key Compatibility.

Locking FIDO2 Credentials

The resident credentials can be left unlocked and used for strong single-factor authentication, or they can be protected by a PIN for two-factor authentication.

  • The FIDO2 PIN must be between 4 and 128 characters in length.
  • Once a FIDO2 PIN is set, it can be changed but it cannot be removed without resetting the FIDO2 application.
  • If the PIN is entered incorrectly 8 times in a row, the FIDO2 application will be locked. In order to restore this functionality, the FIDO2 application must be reset.

Note

Resetting the FIDO2 application will also reset the U2F key, so the YubiKey must be re-registered not only with all the FIDO2 sites, but also with all U2F sites.

Note

The YubiKey 5Ci supports Credential Management to allow for selective deletion of resident keys. See the guide to the Enhancements to FIDO 2 Support for details.

Default Values

PIN: None set.

AAGUID Values

See FIDO2 AAGUIDs for the AAGUIDs of all YubiKeys for the more recent firmware releases.

Supported Extensions

The YubiKey 5 Series supports only the AppID extension (appid) as defined by the W3C Web Authentication API specification. This extension allows U2F credentials registered using the legacy FIDO JavaScript APIs to be used with WebAuthn. That means that if you register a YubiKey in the 5 Series on a website that used U2F at that time and later upgrades to FIDO2, your U2F credentials will continue to work on the website.

FIDO U2F

FIDO U2F is an open standard that provides strong, phishing-resistant two-factor authentication for web services using public key cryptography. U2F does not require any special drivers or configuration to use, just a compatible web browser. The U2F application on the YubiKey can be associated with an unlimited number of U2F sites.

OATH

The OATH application can store up to 32 OATH credentials, either OATH-TOTP (time based) or OATH-HOTP (counter based). These credentials are separate from those stored in the OTP application, and can only be accessed via the CCID channel. In order to manage these credentials and read the OTPs generated by the YubiKey, the Yubico Authenticator is needed.

Access to the OTPs can be restricted by setting a password for this application.

Note

Developers: using the OATH application functions on iOS requires the Yubico iOS SDK.

OATH-HOTP

When an OATH-HOTP credential is programmed, the OTP is generated using the standard RFC 4226 HOTP algorithm and the YubiKey will automatically type the OTP. Optionally, the OTP can be prefixed by a public identity, conforming to the openauthentication.org Token Identifier Specification.

OpenPGP

The OpenPGP application provides an OpenPGP-compatible smart card in compliance with version 3.4 of the specification if the YubiKey firmware is 5.2.3 or later. If the firmware is an earlier version, the OpenPGP-compatible smart card is in compliance with version 2.0 of the specification.

The OpenPGP-compatible smart card can be used with compatible PGP software such as GnuPG (GPG) and can store one PGP key each for authentication, signing, and encryption. Similar to the PIV / Smart Card touch policy, the OpenPGP application can also be set to require the YubiKey’s metal contact be touched to authorize an operation.

Note

Developers: using the OpenPGP functions on iOS requires the Yubico iOS SDK.

YubiKey firmware 5.2.3 and above in combination with OpenPGP 3.4:

  • Extends existing RSA support for OpenPGP operations to ECC algorithms
  • Provides the Yubico Attestation feature for verifying keys generated on a YubiKey device
  • Utilizes separate X.509 cardholder certificates alongside the existing OpenPGP certificates for authentication, signature and encryption/decipher
  • Brings attestation functionality to OpenPGP keys and certificates generated on a YubiKey
  • Improves security by supporting Key Derivation Function (KDF) PINs. With KDF enabled, the PIN is stored as a hash on the YubiKey. The OpenPGP client will only pass the hashed value, never the PIN directly.

Elliptic Curve Cryptographic (ECC) Algorithms

The YubiKey 5.2.3 firmware added support for ECC algorithms. These can be used for Signature, Authentication and Decipher keys. The full list of curves supported by OpenPGP 3.4 can be found in section 4.4.3.10 of the OpenPGP Smart Card 3.4 spec (page 35).

In addition to RSA Algorithms, YubiKeys support the following ECC algorithms:

  • secp256r1
  • secp256k1
  • secp384r1
  • secp521r1
  • brainpoolP256r1
  • brainpoolP384r1
  • brainpoolP512r1
  • curve25519
    • x25519 (decipher only)
    • ed25519 (sign / auth only)

For further details on the new features, including key attestation, expanded encryption algorithms and additional cardholder certificates, refer to Enhancements to OpenPGP Support.

RSA Algorithms

  • RSA 1024
  • RSA 2048
  • RSA 3072 (requires GnuPG version 2.0 or higher)
  • RSA 4096 (requires GnuPG version 2.0 or higher)

Default Values

  • PIN: 123456
  • Admin PIN: 12345678

OTP

The OTP application provides two programmable slots, each of which can hold one of the types of credentials listed below. A Yubico OTP credential is programmed to slot 1 during manufacturing. Output is sent as a series of keystrokes from a virtual keyboard.

  • Trigger the YubiKey to produce the credential in the first slot by briefly touching the metal contact of the YubiKey.
  • If a credential has been programmed to the second slot, trigger the YubiKey to produce it by touching the contact for 3 seconds.

Yubico OTP

Yubico OTP is a strong authentication mechanism that is supported by the YubiKey 5 Series. Yubico OTP can be used as the second factor in a two-factor authentication (2FA) scheme or on its own, providing single-factor authentication.

The OTP generated by the YubiKey has two parts, with the first 12 characters being the public identity which a validation server can link to a user, while the remaining 32 characters are the unique passcode that is changed each time an OTP is generated.

The character representation of the Yubico OTP is designed to handle a variety of keyboard layouts. It is crucial that the same code is generated if a YubiKey is inserted into a German computer with a QWERTZ layout, a French one with an AZERTY layout, or a US one with a QWERTY layout. The “Modhex”, or Modified Hexadecimal coding, was invented by Yubico to use only specific characters to ensure that the YubiKey works with the maximum number of keyboard layouts. (USB keyboards send their keystrokes by means of “scan codes” rather than the actual character. The translation to keystrokes is done by the device to which the YubiKey is connected.)
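The following is an added example, not code from Yubico: it splits a Yubico OTP into the two parts described above and decodes Modhex, rejecting input that contains characters outside the Modhex alphabet. The function names and the sample OTP are constructed for illustration.

```python
MODHEX = "cbdefghijklnrtuv"            # position i encodes hex digit i
_TO_HEX = str.maketrans(MODHEX, "0123456789abcdef")
_TO_MODHEX = str.maketrans("0123456789abcdef", MODHEX)
PUBLIC_ID_LEN, PASSCODE_LEN = 12, 32   # characters, as described above


def modhex_decode(text: str) -> bytes:
    """Decode a Modhex string; fail closed on any character outside the alphabet."""
    if len(text) % 2 or any(ch not in MODHEX for ch in text):
        raise ValueError("input is not Modhex (truncated or mangled?)")
    return bytes.fromhex(text.translate(_TO_HEX))


def modhex_encode(data: bytes) -> str:
    return data.hex().translate(_TO_MODHEX)


def split_otp(otp: str):
    """Return (public_id, passcode_bytes) for a 44-character Yubico OTP."""
    otp = otp.strip().lower()
    if len(otp) != PUBLIC_ID_LEN + PASSCODE_LEN:
        raise ValueError("expected 44 characters")
    public_id, passcode = otp[:PUBLIC_ID_LEN], otp[PUBLIC_ID_LEN:]
    modhex_decode(public_id)           # validates the alphabet only
    return public_id, modhex_decode(passcode)


# Constructed sample, not a real OTP.
SAMPLE_OTP = "cccccccccccb" + "cbdefghijklnrtuv" * 2
```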

Static Password

A static password can be programmed to the YubiKey so that it will type the password for you when you touch the metal contact.

For managing multiple passwords, see the password managers that the YubiKey can secure with two-factor authentication (2FA).

HMAC-SHA1 Challenge-Response

This type of credential is most often used for offline authentication, as it does not require contacting a server for validation.

An HMAC-SHA1 Challenge-Response credential enables software to send a challenge to the YubiKey and verify that an expected, predetermined response is returned. This credential can also be set to require a touch on the metal contact before the response is sent to the requesting software. This type of credential must be activated by the software sending the challenge; it cannot be activated by touching the metal contact on the YubiKey.

Note

Developers: as the Challenge-Response function requires two-way communication with the YubiKey, using this feature on iOS requires the Yubico iOS SDK.

Smart Card (PIV Compatible)

The YubiKey 5 Series provides a PIV-compatible smart card application. PIV, or FIPS 201, is a US government standard. It enables RSA or ECC sign/encrypt operations using a private key stored on a smart card through common interfaces like PKCS#11.

On Windows, the smart card functionality can be extended with the YubiKey Smart Card Minidriver.

Note

The YubiKey Smart Card Minidriver is not available for Android, Linux, macOS or iOS.

The YubiKey 5 Series supports extended APDUs, extended Answer To Reset (ATR), and Answer To Select (ATS). Using the PIV APDUs on iOS requires the Yubico iOS SDK.

Default Values

  • PIN: 123456
  • PUK: 12345678
  • Management Key (3DES): 010203040506070801020304050607080102030405060708

Supported Algorithms

The YubiKey 5 Series supports the following algorithms on the PIV smart card application.

  • RSA 1024
  • RSA 2048
  • ECC P-256
  • ECC P-384

Policies

PIN Policy

To specify how often the PIN needs to be entered for access to the credential in a given slot, set a PIN policy for that slot. This policy must be set upon key generation or import; it cannot be changed later.

Touch Policy

In addition to requiring the PIN, the YubiKey can require a physical touch on the metal contact. Similar to the PIN policy, the touch policy must be set upon key generation or import.

Slot Information

The keys and certificates for the smart card application are stored in slots, which are described below. The PIN policies described below are the defaults, before they are overridden with a custom PIN policy. These slots are separate from the programmable slots in the OTP application.

Slot 9a: PIV Authentication

This certificate and its associated private key are used to authenticate the card and the cardholder. This slot is used for system login, etc. To perform any private key operations, the end user PIN is required. Once the correct PIN has been provided, multiple private key operations may be performed without additional cardholder consent.

Slot 9c: Digital Signature

This certificate and its associated private key are used for digital signatures for the purpose of document, email, file, and executable signing. To perform any private key operations, the end user PIN is required. The PIN must be submitted immediately before each sign operation to ensure cardholder participation for every digital signature generated.

Slot 9d: Key Management

This certificate and its associated private key are used for encryption to assure confidentiality. This slot is used for encrypting emails or files. The end user PIN is required to perform any private key operations. Once the correct PIN has been provided, multiple private key operations may be performed without additional cardholder consent.

Slot 9e: Card Authentication

This certificate and its associated private key are used to support additional physical access applications, such as providing physical access to buildings via PIV-enabled door locks. The end user PIN is NOT required to perform private key operations for this slot.

Slots 82-95: Retired Key Management

These slots are meant for previously used Key Management keys to be able to decrypt earlier encrypted documents or emails.

Slot f9: Attestation

This slot is only used for attestation of other keys generated on device with instruction f9. This slot is not cleared on reset, but can be overwritten.

Attestation

Attestation enables you to verify that a key on the smart card application was generated on the YubiKey and was not imported. An X.509 certificate for the key to be attested is created if the key has been generated on the YubiKey. Included in the certificate are the following extensions that provide information about the YubiKey.

  • 1.3.6.1.4.1.41482.3.3: Firmware version, encoded as three bytes. For example, 050100 indicates firmware version 5.1.0.
  • 1.3.6.1.4.1.41482.3.7: Serial number of the YubiKey, encoded as an integer.
  • 1.3.6.1.4.1.41482.3.8: Two bytes, the first encoding the PIN policy and the second encoding the touch policy.
    • PIN policy:
      • 01 - never require PIN
      • 02 - require PIN once per session
      • 03 - always require PIN
    • Touch policy:
      • 01 - never require touch
      • 02 - always require touch
      • 03 - cache touch for 15 seconds
  • 1.3.6.1.4.1.41482.3.9: YubiKey’s form factor, encoded as a one-byte octet-string.
    • USB-A Keychain: 0x01
    • USB-A Nano: 0x02
    • USB-C Keychain: 0x03
    • USB-C Nano: 0x04
    • USB-C and Lightning®: 0x05
    • Undefined: 0x00
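The following is an added example, not code from Yubico: it decodes the extension values listed above and applies a hypothetical enrolment rule to them. It assumes the certificate chain has already been validated up to the PIV attestation root CA, that the raw extension values were extracted by an X.509 library, and that the serial number is a DER INTEGER; the sample values are constructed.

```python
OID_FIRMWARE = "1.3.6.1.4.1.41482.3.3"
OID_SERIAL = "1.3.6.1.4.1.41482.3.7"
OID_POLICY = "1.3.6.1.4.1.41482.3.8"
OID_FORM_FACTOR = "1.3.6.1.4.1.41482.3.9"
PIN_POLICY = {1: "never", 2: "once per session", 3: "always"}
TOUCH_POLICY = {1: "never", 2: "always", 3: "cached 15 s"}
FORM_FACTOR = {0: "Undefined", 1: "USB-A Keychain", 2: "USB-A Nano",
               3: "USB-C Keychain", 4: "USB-C Nano", 5: "USB-C and Lightning"}

def der_integer(raw: bytes) -> int:
    # Assumption: the serial is a short-form DER INTEGER (tag 0x02).
    if len(raw) < 3 or raw[0] != 0x02 or raw[1] != len(raw) - 2:
        raise ValueError("serial is not a DER INTEGER")
    return int.from_bytes(raw[2:], "big")

def decode_attestation(exts: dict) -> dict:
    """Decode raw extension values (OID string -> bytes) of an attestation cert."""
    fw, policy = exts[OID_FIRMWARE], exts[OID_POLICY]
    if len(fw) != 3 or len(policy) != 2:
        raise ValueError("unexpected firmware or policy length")
    info = {
        "firmware": tuple(fw),
        "serial": der_integer(exts[OID_SERIAL]),
        "pin_policy": PIN_POLICY.get(policy[0], "unknown"),
        "touch_policy": TOUCH_POLICY.get(policy[1], "unknown"),
    }
    ff = exts.get(OID_FORM_FACTOR)
    if ff:  # last byte covers both a bare byte and a DER 04 01 xx wrapper
        info["form_factor"] = FORM_FACTOR.get(ff[-1], "unknown")
    return info

def policy_violations(info: dict, min_firmware: tuple) -> list:
    # Hypothetical enrolment rule: minimum firmware, PIN and touch both enforced.
    checks = [
        (info["firmware"] < min_firmware, "firmware below minimum"),
        (info["pin_policy"] in ("never", "unknown"), "PIN not required"),
        (info["touch_policy"] in ("never", "unknown"), "touch not required"),
    ]
    return [msg for failed, msg in checks if failed]

# Constructed sample values, not taken from a real device.
SAMPLE = {
    OID_FIRMWARE: bytes.fromhex("050100"),
    OID_SERIAL: bytes.fromhex("020400bc614e"),
    OID_POLICY: bytes.fromhex("0202"),
    OID_FORM_FACTOR: bytes.fromhex("05"),
}
```

Unknown policy bytes are treated as violations, so an unrecognised encoding fails closed.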

Changes

Answer to Reset (ATR) and Answer to Select (ATS)

The ATR has been changed from “Yubikey 4” to “YubiKey” and adds support for ATS.

PIV Attestation Root CA

YubiKeys in the 5 Series have a PIV attestation root certificate authority different from the one previous YubiKeys had. You can download the certificate of the new root certificate authority on the PIV attestation page.

Easier Identification

The YubiKey 5 Series devices can report their form factor via the PIV application whether or not they have an NFC interface. This enables easier, programmatic identification of the physical attributes of the YubiKey. For more information about how to query this information, see the YubiKey 5 Series Configuration Reference Guide.