########################################################################################## PHPCRED-40: Allow new keys to be seeded with a Yubikey press ########################################################################################## Issue Type: New Feature ----------------------------------------------------------------------------------------- Issue Information ==================== Priority: Major Status: Closed Resolution: Won't Fix (2019-09-09 15:51:10) Project: PHPCredlocker (PHPCRED) Reported By: btasker Assigned To: btasker Time Estimate: 0 minutes Time Logged: 0 minutes ----------------------------------------------------------------------------------------- Issue Description ================== The output of a yubikey is complex, though technically predictable by Yubico. To help lessen the potential effect of a compromised RNG on the server, the following could be implemented during key generation - Field to provide a Yubikey press (optional) If provided, XOR the submission (minus the first 12 chars which never change) against a stream from the servers RNG. Both sources of entropy would then need to be compromised in order to calculate the key. ----------------------------------------------------------------------------------------- Activity ========== ----------------------------------------------------------------------------------------- 2019-09-09 15:51:10 btasker ----------------------------------------------------------------------------------------- Bulk Closing as Won't Fix. Credlocker is EOL so no further work will be done. ----------------------------------------------------------------------------------------- 2019-09-09 15:51:10 ----------------------------------------------------------------------------------------- btasker changed status from 'Open' to 'Closed' ----------------------------------------------------------------------------------------- 2019-09-09 15:51:10 ----------------------------------------------------------------------------------------- btasker added 'Won't Fix' to resolution