YubiKey 5 FIPS Series Specifics

These topics describe YubiKey 5 FIPS series support for FIPS 140-2 through FIPS 140-3.

• YubiKey 5 FIPS Series Specifics
  • NIST Version Certification
  • YubiKey 5 Firmware Support for Cryptographic Module Major Functions
  • FIDO Authenticator Supported Certifications
  • FIPS AAGUID and Form Factors
  • Credentials and Permitted Values
• Deploying the YubiKey 5 FIPS Series
• YubiKey Firmware 5.4 Changes
• FIPS 140-3 Changes
  • High-Level FIPS 140-3 Changes to YubiKey
  • PIV Changes for FIPS 140-3
  • Open PGP Changes for FIPS 140-3
  • FIDO2 Changes for FIPS 140-3
  • OATH Changes for FIPS 140-3
  • YubiHSM Auth Changes for FIPS 140-3
  • Security Domain (SCP03 and SCP11) Changes for FIPS 140-3
• FIPS 140-3 Configuration
  • Initializing the Approved Mode
  • Zeroisation Procedure
• FIPS 140-2 Level 2 Changes and Configuration
  • FIPS 140-2 Initialization Comparison: Level 1 vs Level 2
  • FIPS 140-2 Level 2 Configuration
• FIPS 140-2 Level 1 Configuration
• FIDO Configuration with FIPS
  • FIDO2 (WebAuthn)
  • FIDO U2F
• OATH Configuration with FIPS
  • OATH FIPS-approved Mode with FIPS 140-2 Level 2
• OTP Configuration with FIPS
  • Yubico OTP
  • OTP Deployment
• PIV Configuration with FIPS
  • Default Values
  • Supported Algorithms
  • Policies
  • Slot Information
  • Attestation
  • PIV/Smart Card Deployment
  • PIV FIPS-approved Mode with FIPS 140-2 Level 2
  • PIV Features as of YubiKey 5 FIPS Series

<!– Writers: Do not change the filename “fips-140-3-nist-requirement”. This file is required as a hard link for NIST 140-3 certification. –>