Yubico support NFC.

asked 2017-08-03 19:34:37 +0200

DarkTuring gravatar image

Please introduce and support Yubico key NFC two factor athenticstion and login support.

Use Cases:

  1. login to phone by tapping Yubico NFC key against phone suppoeting NFC (feature already exists with Google Chrome OS, using Yubico USB to unlock computer);
  2. create SFOS native keychain (local) and unlock keys whenever, and where ever (android or sfos apps) when within a user or password field, the yubiko key would unlock the keychain;
  3. Two factor authentication support of SFOS native apps, so Yubiko key plus a simole passcode say 3344 togetger would allow you to login certain apps (banking, or sensitive document storage);
edit retag flag offensive close delete

Comments

2

Nice idea. Can you attach any links to the project itself and maybe example code or something like this. I don't see any potential currently as the official SailfishOS devices don't support NFC or not in a way you would want it for the Yubico. In the future with the Sony Xperia X device and other devices that might be very interesting though I think system integration by Jolla would be on low on the priority list as they have dozen of other features with higher priorities (like general encryption support for the filesystem and so on)

leszek ( 2017-08-03 21:25:08 +0200 )edit
1

@liszek https://www.yubico.com/products/services-software/personalization-tools/yubikey-otp/

there is linux/ubunto code for yubikey management, also the best might be running an OTP server locally on each phone tp generate the matching ome time passwords.

DarkTuring ( 2017-08-04 06:23:01 +0200 )edit

@coderus thats an interesting article, what i actually do with the yubikey is using a static but long password approach with basically a public (hardware key) and a private key (in my head), no communication with any server. Still hackable but will take a heck longer for anybody in possesion of the hardware key.

DarkTuring ( 2017-08-07 17:40:53 +0200 )edit

I would like to see this too.
For me this is the sole missing thing to completely migrate away from Android (as an OS).
I use the PGP capabilities of the YubiKeyNEO for unlocking my Passwordstore.

On Android, I was using the OpenKeychain and Passwordstore apps.
Both apps seem to run fine on the AlienDalvik.

However, I do not want to store my private key on the device, but inside my YubiKeyNEO and unlock via NFC (which is fully supported by OpenKeychain), but AFAIK not supported by Sailfish / Mer.

Statements from Jolla in two "recent" blog posts [1] / [2], suggest NFC support might be coming really soon:

After Mouhijoki we will add support for some device features that have been missing, such as NFC and fingerprint authentication, and we have already started working on the next generation device.

There will actually be 2 more major updates before Sailfish 3 hits your devices.

This is good news. However, I'm wondering, whether NFC will then be available to Adnroid apps as well.

Is there anyone who has more insight?

2-shell ( 2018-07-10 12:34:51 +0200 )edit