.. 5.4.x-firmware-specifics.rst

.. _fw-before-5.6.x-label:

=================================
Firmware Specifics Prior to 5.6.x
=================================

This section gives summary descriptions of features that came out with firmware versions prior to the current 5.7.x release.

.. _secure-channel-label:

Secure Channel (Firmware 5.3.0 and later)
=========================================

Secure channel establishes an authenticated and encrypted communication channel over CCID between a host and the secure element on the YubiKey. The YubiKey security domain can store three concurrent long-lived transport key sets.

SCP03 (`Secure Channel Protocol 03 `_), part of the GlobalPlatform standard, is a framework for mutual authentication and encrypted transport between hosts and the secure elements in smart cards. SCP03 is implemented on YubiKeys as of firmware 5.3.0.

For **detailed descriptions** of the secure channel feature, refer to :ref:`yk5-secure-channel-tech-desc-label`, :ref:`yk5-secure-channel-diverse-key-programming-label`, and :ref:`yk5-SCP03-developer-label`.

.. Note::
   Applications based on PKCS #11 or Microsoft CNG do not usually use the secure channel.

Security Domains & Key Diversification
--------------------------------------

The authenticated and encrypted channel runs over the CCID interface between a host and the secure element on the YubiKey. This covers both configuration of, and communication with, CCID applications, so the secure channel can be used to load application keys onto the YubiKey for use with the CCID applications OATH, OpenPGP, or PIV.

.. figure:: /graphics/writing-CCID-application-keys-over-SCP03.png

   *Writing CCID Application Keys over SCP03*

The YubiKey security domain can store three concurrent transport key sets. A transport key set contains three long-lived AES keys.
When a session is established, the session AES keys are derived from the long-lived transport key set.

Key diversification is the process of deriving a secure channel static transport key set from a Batch Master Key (BMK), the YubiKey identifier (part of the device serial number), and additional metadata. Key diversification therefore facilitates secure distribution of key sets over a secure channel. To derive the YubiKey transport key sets, the Batch Master Key (BMK) is shared with the CMS system. If the CMS vendor gives Yubico access to its BMK, Yubico can preprogram the secure channel transport key sets for the YubiKey 5 batches. The BMK could be protected by a YubiHSM 2.

To import new transport key sets, establish a secure channel with the security domain, using either a previously loaded transport key set or the default transport key set.

Each secure channel transport key set is protected by being written to the YubiKey security domain in the secure element, and it is also stored on a server, typically a CMS system. The host accessing the YubiKey has an agent that connects to the CMS system to retrieve the secure channel key set. Based on the secure channel key set, present both on the host and on the YubiKey, a secure session is established.

.. figure:: /graphics/establish-SCP03-secure-channel.png

   *Establish SCP03 Secure Channel*

Secure Channel Benefits and Usage
---------------------------------

* Encryption application keys can be stored on the CMS server as well as on the YubiKey. If the YubiKey is lost or compromised, the encryption key can be recovered and loaded onto a replacement YubiKey.
* Key diversification enables simplified and secured distribution of secure channel transport key sets, as only the BMK must be shared with the CMS system to derive the YubiKey transport key sets.
* The secure channel transport key sets can be preprogrammed in the YubiKey batches by Yubico, if the Yubico supply chain has access to the BMK of the CMS vendor.
* The CMS system can generate the secure channel transport key sets based on the YubiKey serial numbers, the BMK, and additional metadata. The CMS can then use the initial secure channel transport key set to write additional secure channel transport key sets to the YubiKeys.

.. figure:: /graphics/SCP03-key-diversification.png

   *SCP03 Key Diversification*

For more technical information, see :ref:`yk5-secure-channel-diverse-key-programming-label`.

.. _sec-channel-cplc-label:

Secure Channel CPLC Data
------------------------

The Card Production Life Cycle (CPLC) data object is a random dataset stored on each YubiKey to ensure unique identification of YubiKeys in a CMS. Although it is officially deprecated from the SCP03 standard, it is still widely used to hold card data specific to CMS services or to uniquely identify smart cards. Yubico has therefore implemented the CPLC data object to provide unique identification of YubiKeys for CMS vendors.

For a more detailed description of the CPLC data object, see :ref:`sec-channel-cplc-label`.

.. _nfc-id-label:

NFC ID: Calculation Changed (5.3.0)
===================================

The YubiKey NFC ID calculation was changed so that a unique string is returned in the first part of the NFC ID. This matters to vendors of physical access control and door protection systems that use NFC readers: NFC readers and access management systems (door locks) that identify cards by the NFC ID can now identify NFC-enabled YubiKeys, including those without serial numbers. Before firmware 5.3.0, some access control systems truncated the YubiKey NFC ID, so YubiKey 5 NFC IDs appeared to be non-unique.

For more technical information on this, see :ref:`yk5-nfc-id-tech-desc-label`.

.. _yubihsm-auth-5.4.3-label:

YubiHSM Auth (5.4.3)
====================

.. include:: includes/protocol-yubihsm-auth.rst

YubiHSM Auth is a CCID application that can store long-lived credentials (AES keys) used to establish secure sessions to a YubiHSM 2. Given an external challenge, it runs a derivation scheme that yields three session keys. The session keys are not stored on the YubiKey but are simply output as the result, and they can be used for authentication to the YubiHSM 2. The authentication scheme is based on SCP03 (see :ref:`secure-channel-label` above).

Each long-lived YubiHSM Auth credential is protected by a user access code that has to be provided to authenticate each session. Storing and deleting credentials requires a separate admin access code.

Benefits and Usage
------------------

YubiHSM Auth enables the secure storage of the long-lived credentials for accessing a YubiHSM 2. The existing authentication solution for the YubiHSM 2 is based on software credentials derived with the Password-Based Key Derivation Function 2 (PBKDF2) algorithm from a password. Generating keys with PBKDF2 is only a convenience; it is preferable, and recommended, to provide AES keys directly to avoid exposing them to attack. Not only is it important to avoid losing the derivation password or the keys themselves (as those are essentially the same thing), but those credentials also

* exist outside a secure element, and
* need to be given in clear text to the program that uses them, which loads them into memory.

With YubiHSM Auth, only the ephemeral session keys exist outside a secure environment.

----------

Click for `Yubico Support `_.