https://github.com/cjpatton/yubi
Building a better YubiKey. Term project for CNT 5410, Patrick Traynor, Fall 2017.
https://github.com/cjpatton/yubi
Last synced: 5 months ago
JSON representation
Building a better YubiKey. Term project for CNT 5410, Patrick Traynor, Fall 2017.
- Host: GitHub
- URL: https://github.com/cjpatton/yubi
- Owner: cjpatton
- Created: 2017-12-14T20:24:41.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2020-05-06T12:08:37.000Z (about 6 years ago)
- Last Synced: 2025-10-07T03:35:02.660Z (9 months ago)
- Language: TeX
- Homepage:
- Size: 418 KB
- Stars: 1
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
Building a better YubiKey
=========================
Hardware tokens are pretty good at providing two-factor authentication. But as
if you're going to carry around a YubiKey in your pocket all the time, shouldn't
it do more? This directory contains PDF `yubi.pdf`, the beginnings of a
technical report analyzing the security of the symmetric-key YubiKey protocol,
and a proposal for making the protocol more flexible. It also contains a
reference implementation in Python.
Reference implementation of OTP2
--------------------------------
This directory contains a Python implementation of the OTP1 and OTP2 protocols
described in the text. The main module is `otp.py`; the remaining files are unit
and integration tests. Note that `otp_test.py` will fail unless you have a YubiKey
plugged into your system. (See the comments in the file for more details.)
**Installation.**
The code depends on Yubico's Python module. To install it, do
```
$ git clone git@github.com:yubico/python-yubico.git
$ cd pythong-yubico
$ python setup.py build
$ sudo python setup.py install
```
Now you should be able to run the unit tests:
```
$ python otp_test.py
```
Note that the **test will fail** unless you have a YubiKey plugged in that is
configured properly. To skip this test, comment out line `otp_test.py:109` that
reads `test1()`; `test2()` should pass even without a YubiKey.
**Running `softkey.py`.**
Class `SoftKey2` is a software version of the OTP2 hardware token. It is useful
for testing purpose. Program `softkey.py` executes a simple UDP server on
`localhost:8084` that dispatches requests to a test SoftKey2. We provide a few
simple test programs for illustrating its use:
* `softkey_otp0.py`: Simple OTP.
* `softkey_2fa.py`: Runs the 2FA protocol described in the text using
request-bounded OTP.
* `softkey_tranport.py`: Uses the transport and transport finish modes to
encrypt a message and associated data. The program also shows how to
decrypt.