YubiKey Technical Manual

Contents

• Introduction to the YubiKey Series
  • YubiKey 5 Series
  • YubiKey 5 FIPS Series
  • YubiKey 5 CCN Series
  • YubiKey 5 Enhanced PIN Series
  • YubiKey Bio Series
  • Security Key Series
  • YubiKey 5 CSPN Series
  • Firmware
• Physical Attributes
  • YubiKey NFC
  • YubiKey Nano
  • YubiKey 5C
  • YubiKey 5C Nano
  • YubiKey 5Ci
  • YubiKey C NFC
  • YubiKey 5 Enhanced PIN Series
  • YubiKey 5 CCN Series
  • YubiKey Bio Series
  • Security Key Series
  • YubiKey Markings
  • YubiKey Connection Interfaces
  • YubiKey ID Numbers
  • Verify the YubiKey and Packaging
  • Care and Cleaning
• Firmware Overview
  • YubiKey 5 Series
  • YubiKey 5 FIPS Series
  • Firmware Capability Matrices
• Protocols and Applications
  • FIDO2
  • FIDO U2F
  • Smart Card (PIV Compatible)
  • OATH
  • OpenPGP
  • OTP
  • YubiHSM Auth
• 5.7 Firmware Specifics
  • CTAP 2.1 Feature Summary
  • FIDO2 Extensions
  • FIDO Level 2
  • PIV Enhancements
  • PIN Complexity
  • Expanded Storage (FIDO2 and OATH)
  • Restricted NFC
  • Yubico Crypto Library
  • Yubico Root Certificate Authority (CA)
• Firmware Specifics Prior to 5.6.x
  • Secure Channel (Firmware 5.3.0 and later)
  • NFC ID: Calculation Changed (5.3.0)
  • YubiHSM Auth (5.4.3)
  • YubiHSM Auth
• YubiKey 5 FIPS Series Specifics
  • NIST Version Transition
  • YubiKey 5 FIPS Series Cryptographic Module Major Functions
  • YubiKey 5 FIPS Series Changes under FIPS 140-3
  • YubiKey 5 FIPS Series Changes with Firmware 5.4
  • Deploying the YubiKey 5 FIPS Series
  • OTP: FIPS 140-2 with YubiKey 5 FIPS Series
  • OATH: FIPS 140-2 with YubiKey 5 FIPS Series
  • FIDO: FIPS 140-2 with YubiKey 5 FIPS Series
  • PIV: FIPS 140-2 with YubiKey 5 FIPS Series
• FIPS 140-3 Configuration
  • Initializing the Approved Mode
  • Zeroisation Procedure
• YubiKey Bio Series Specifics
  • Using the YubiKey Bio Series
  • Physical Attributes
  • Protocols Supported
  • Requirements: Platform and Browser Compatibility
  • YubiKey Bio and FIDO2
  • YubiKey Bio and FIDO U2F
  • YubiKey Bio and PIV
  • How the YubiKey Bio Works
  • User Experiences
  • Unblocking and Resetting the YubiKey Bio
  • Using Chrome to Enroll Fingerprints
  • Using Windows to Enroll Fingerprints
  • Fingerprint Tips
  • Troubleshooting and Tools
• Secure Channel Protocol (SCP03 and SCP11)
  • Yubico Secure Channel Technical Description
  • Yubico Secure Channel Key Diversification and Programming
  • Yubico SCP03 Developer Guidance
• NFC ID Calculation Technical Description
  • YubiKey for Door Access
  • NFC ID Calculation for YubiKey v5.2.x and Earlier
  • NFC ID Calculation for YubiKey v5.3.0 and Later
• Tools and Troubleshooting
  • Managing Applications
  • Yubico Authenticator
  • YubiKey Manager GUI / ykman CLI
  • YubiKey Minidriver
  • YubiKey Verification Site and FIDO Application Demo Site
  • Troubleshooting
• YubiKey 5 CSPN Series Specifics
  • CSPN Mode Configuration
  • One-Time Password - OTP
  • OATH
  • FIDO U2F
  • FIDO2
  • PIV
  • References
• Acronyms
• Copyright
  • Trademarks
  • Disclaimer
  • Contact Information
  • Getting Help
  • Feedback
  • Document Updated