
OpenSSH got U2F support - an idea for GnuPG?
Hi there,

in November 2019, Yubikey released a patch for libfido2, which acts
as a middleware to talk between OpenSSH and U2F/FIDO2 tokens (so it
also works for the older FIDO(1) standard). Actually libfido2 now
"emulates" PKCS#11 (PIV card interface). Also OpenSSH got patched
to talk to U2F tokens now.

Duo wrote a nice article on it:
https://duo.com/labs/tech-notes/u2f-key-support-in-openssh

Would it be possible to use this technique on GnuPG? Sure, it doesn't
suit all security needs. But it could allow anyone with a U2F/FIDO2
token to use GnuPG, e.g. for signing?

Would be happy to discuss the pros / cons with you.

Best regards,
Tobias



_______________________________________________
Gnupg-devel mailing list
Gnupg-devel@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel
Re: OpenSSH got U2F support - an idea for GnuPG?
Hi,

I started to read the protocol description weeks ago but other tasks
then deflected me from this. It is for sure something we should
eventually support.


Salam-Shalom,

Werner

--
Thoughts are free. Exceptions are governed by a federal law.
Re: OpenSSH got U2F support - an idea for GnuPG?
Hi Tobias,

U2F devices sign data in a specified format, so it's not possible to sign
an arbitrary byte array [0]; this could conflict with the way GnuPG calculates
what should be signed. If you check out OpenSSH U2F support in detail
you'll see that they defined a special key type (ecdsa-sk [1]) that I
guess is used by the server to wrap raw bytes in the U2F structure before
signature verification.

[0]:
https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-u2f-overview-v1.2-ps-20170411.html#authentication-generating-a-signature
[1]: https://duo.com/labs/tech-notes/u2f-key-support-in-openssh

One interesting aspect of U2F is that virtually all tokens on the market
implement the "unlimited number of keys" feature by having one
manufacturer-burned secret key and then deriving the signing key from that
secret key and the key handle (that's the key ID that is passed by the application).

To be honest, I think if someone has a U2F token then there is a high
chance that it also includes an OpenPGP applet. If not, the U2F token can
only be used for signing data, not for encryption. One advantage of U2F
tokens though is their relatively low price.

Kind regards,
Wiktor

--
https://metacode.biz/@wiktor
