FIPS 140-3 Changes

The YubiKey 5 FIPS Series based on the 5.7.x firmware is undergoing a number of changes for FIPS 140-3 submission. The most notable of these changes is that the FIPS-specific requirements are now enforced by the YubiKey.

Important

YubiKeys are shipped with FIPS approved mode OFF. The functions listed for FIPS 140-3 cannot create credentials until the YubiKeys are put in FIPS approved mode. See

High-Level FIPS 140-3 Changes to YubiKey

  • Hardware-Enforced Compliance: The most notable change in FIPS 140-3 is that FIPS-specific requirements are now strictly enforced by the YubiKey itself.
  • No Pre-Validation Credential Creation: The device will explicitly refuse to create credentials across any application until it is securely configured and in FIPS Approved Mode.
  • Stricter PIN Requirements: FIDO2, PIV, and OpenPGP now strictly enforce an 8-character minimum PIN length. PIN complexity is enabled by default to adhere to NIST SP800-63b guidelines.
  • Larger Key Sizes: To meet enterprise and Department of Defense (DoD) demands, the YubiKey supports larger key sizes to provide superior protection until Post-Quantum Cryptography matures

PIV Changes for FIPS 140-3

Highlights

  • PIN/PUK: The default PIN and PUK must be changed to an 8-character value, and the Management Key must be changed to an AES key.
  • Deprecated Algorithms: The use of RSA1024, TDEA (3DES), and X25519 is no longer permitted.
  • Blocked Operations: The use of RSA decryption, X25519, and SECP256k1 is strictly blocked. Changing any PIN or Reset Code to a value shorter than 8 characters is also prevented.
  • NFC Security: For both PIV and OpenPGP, all operations performed over NFC must now go through a secure channel (SCP03 or SCP11)

FIPS Approved Mode

In order for the PIV application to be in FIPS Approved Mode, the following requirements must be met:

  • The default PIN needs to be changed to an 8 character value
  • The default PUK needs to be changed and remain an 8 character value
  • The default Management Key needs to be changed and be set to an AES key.

Additional Changes

  • Creating credentials prior to the application being in FIPS Approved Mode is not acceptable. The device will refuse to create credentials until it is in FIPS Approved Mode.
  • Using RSA1024, TDEA, and/or X25519 is not allowed.
  • Operations over NFC must go through a secure channel (SCP03 or SCP11).

Open PGP Changes for FIPS 140-3

Highlights

The default User PIN, Admin PIN, and Reset Code (if set) must all be changed to a minimum of 8 characters.

FIPS Approved Mode

In order for the OpenPGP application to be in FIPS Approved Mode, the following requirements must be met:

  • The default user PIN must be changed and it must be at least 8 characters
  • The default admin PIN must be changed and it must be at least 8 characters
  • If the Reset Code is set, it must be at least 8 characters.

Additional Changes

  • The use of RSA decryption, X25519 and SECP256k1 is blocked.
  • Changing the user PIN, admin PIN or Reset Code to a value shorter than 8 characters is blocked.
  • Operations over NFC must go through a secure channel (SCP03 or SCP11).
  • Creating credentials prior to the application being in FIPS Approved Mode is not acceptable. The device will refuse to create credentials until it is in FIPS Approved Mode.

FIDO2 Changes for FIPS 140-3

Highlights

  • A FIDO2 PIN must be set and must be at least 8 characters long.
  • alwaysUV Permanently Enabled: User Verification (UV) is strictly enforced for operations.
  • Legacy U2F Disabled: U2F functionality is disabled entirely on FIPS-capable devices under the 140-3 standard.
  • NFC Protocol: PIN Protocol v2 must be used over NFC unless a secure channel (SCP03 or SCP11) is established.

FIPS Approved Mode

In order for the FIDO2 application to be in FIPS Approved Mode,

  • The FIDO2 PIN must be set and it must be at least 8 characters.

Additional Changes

  • Creating credentials prior to the application being in FIPS Approved Mode is not acceptable. The device will refuse to create credentials until it is in FIPS Approved Mode.
  • PIN Protocol v2 must be used over NFC unless a secure channel is set up (SCP03 or SCP11).
  • alwaysUV is permanently enabled.
  • U2F is disabled on FIPS-capable devices.

OATH Changes for FIPS 140-3

Highlights

  • An access code must be set with a minimum length of 14 bytes.
  • When configuring over NFC, “SET CODE” and “PUT” commands must go through a secure channel (SCP03 or SCP11)

FIPS Approved Mode

In order for the OATH application to be in FIPS Approved Mode, the following requirements must be met:

  • The access code must be set (minimum length of 14 bytes).

Additional Changes

  • Creating credentials prior to the application being in FIPS Approved Mode is not acceptable. The device will refuse to create credentials until it is in FIPS Approved Mode.
  • When performed over NFC, SET CODE and PUT must go through a secure channel (SCP03 or SCP11).

YubiHSM Auth Changes for FIPS 140-3

Highlights

  • The default admin code must be changed.
  • Operations performed over NFC must go through a secure channel (SCP03 or SCP11).

FIPS Approved Mode

In order for the YubiHSM Auth application to be in FIPS Approved Mode, the following requirements must be met:

  • The default admin code must be changed.

Additional Changes

  • Creating credentials prior to the application being in FIPS Approved Mode is not acceptable. The device will refuse to create credentials until it is in FIPS Approved Mode.
  • Operations performed over NFC must go through a secure channel (SCP03 or SCP11).

Security Domain (SCP03 and SCP11) Changes for FIPS 140-3

Highlights

  • The default key set must be changed for the Security Domain application to be in FIPS Approved Mode.
  • USB restriction: Until the application is in FIPS Approved Mode, the default key set can only be used to establish a secure channel with the Security Domain itself, only for the purpose of loading a new key set, and this operation must be performed exclusively over USB

FIPS Approved Mode

In order for the Security Domain application to be in FIPS Approved Mode, the following requirements must be met:

  • The default key set must be changed.

Additional Changes

  • Until the application is in FIPS Approved mode, the default key set can only be used to establish a secure channel with the Security Domain itself and only for the purpose of loading a new key set. This operation must be performed over USB.