PHPCRED-40: Allow new keys to be seeded with a Yubikey press

Issue Information

Issue Type: New Feature
 
Priority: Major
Status: Closed

Reported By:
Ben Tasker
Assigned To:
Ben Tasker
Project: PHPCredlocker (PHPCRED)
Resolution: Won't Fix (2019-09-09 15:51:10)

Created: 2014-10-25 16:30:23
Time Spent Working


Description
The output of a yubikey is complex, though technically predictable by Yubico.

To help lessen the potential effect of a compromised RNG on the server, the following could be implemented during key generation

- Field to provide a Yubikey press (optional)

If provided, XOR the submission (minus the first 12 chars which never change) against a stream from the servers RNG.

Both sources of entropy would then need to be compromised in order to calculate the key.


Toggle State Changes

Activity


2019-09-09 15:51:10
Bulk Closing as Won't Fix.

Credlocker is EOL so no further work will be done.

2019-09-09 15:51:10
btasker changed status from 'Open' to 'Closed'

2019-09-09 15:51:10
btasker added 'Won't Fix' to resolution