The first workaround to the virtual keyboards implemented by banks was by a Russian malware (forgot its name) that was screenshooting wherever the mouse clicked and OCRing it.
It was brutally effective.
There is no method to outsmart a compromised machine. It must be out-of-band authentication.
If we got a distributer and somehow managed to get these cheap with some safecoin included in each purchase then we would have easy safecoin access in a secured system ? Interesting perhaps. They need to be very cheap though and not exclude anyone which is the problem.
There are bound to be super-cheap devices we can piggy back on very soon. Phones will obviously be one - made cheap to reach additional consumers as the technology permits. I’m sure there will be other devices too. Watches and other wearables? And of course dedicated hardware authenticators. And of course the 3D printable electronics can take this fully open source.
By covering a spread of such devices we could offer high security to a very large percentage of users.
No plans yet, we need to ensure any 2fa solution does not include a server/centralised solution. Yubi/trezor etc. are interesting though. Client side apps can authenticate in any manner they choose including these.
Currently yubikey uses a validation server, do you think it could be reimplemented and integrated into maidsafe?
It uses a SQLite database: https://code.google.com/p/yubico-yubiserve/
I have one and it is extremely simple and cheap, 25 USD is quite affordable for the standard.
In bulk must be cheaper.
I think it could be refactored to use a key/value store for sure. It will take some time, but as you say well worth it and the price if anything will drop I believe. Is the source for the keys themselves with specs open source? Not so we copy but it’s important I think.
Each Yubikey has a 128-bit AES key, which is used to encrypt a token which includes the Device ID, a counter (to avoid replay attacks) and a random generator. The OTP is generated concatenating the ID of the yubikey with the encrypted token, following the RFC 4226 HOTP algorithm.
The validation servers basically host the AES keys and the IDs, with which decrypts the token, and verifies that the decrypted ID matches with the plaintext ID.
The yubikeys can be reprogrammed with a custom AES key ( http://vimeo.com/11141444), but never be read from it. The only way to read them would be with side-channel attacks or hardware hacking (breaking it up, dissolving the chip encapsulation, etc…)
They are OS agnostic because they emulate a usb keyboard to type on the screen the encrypted tokens.
The weak point is the centralized storage of AES keys in the validation servers.
(I wanted to paste some links here, but the forum limits me to only two links)
More info here: Yubico Info - Pastebin.com
Excellent work and research, thanks a million for this. It will be super cool to be able to offer this as an option for the more security conscious for sure. A great addition. I will bookmark this one.
I don’t know much about it but what about something like this?
Introducing FibreLock
An innovative security feature that has not been seen in Crypto Land before. The idea behind FibreLock was to remove the keyboard from the password entry process thus rendering key loggers and other malware useless against the FibreWallet !!! FibreLock uses an android style pattern based locking system, there is no keyboard subsystem being used that malware could monitor !!! All inputs will come from your mouse.
I’m not a fan of this validation service yubikey works with neither but I’m using it just in challange-response mode so there no need for the servers…
Will try the nfc part if I’ve got a new phone and ubuntu dm-crypt…
Sorry I really don’t want to sound like an old man, but to be honest. I think one of the most secure way to login is SQRL. It’s opensourced and here’s a working version of it…
I admit that it’s vunerable because it has a masterpassword, but maybe somebody could make a multisig version of it…
Hmmmm btw this usually shows you the website your trying to login too, so I woulden’t know how something like this would work with the SAFE Network client