Provide a way to disable NFC access #36

Open
amluto opened this issue Oct 26, 2015 · 2 comments
Comments

@amluto

amluto commented Oct 26, 2015

I never use my OpenPGP applet over NFC and, given that the OpenPGP password protocol is very weak (plaintext-equivalent AFAICT instead of using some secure challenge-response protocol or PAKE), I'd rather just disable access over NFC. Could this be added?

A way to generally disable CCID-over-NFC on the Neo using mode switching would also work.

@thotheolh

thotheolh commented Aug 27, 2016

The only way to disable NFC access is to insert checking code that checks the protocol in use via the APDU class's getProtocol() method when receiving APDU commands. When the protocol is from a contactless interface, it can simply skip the command and ignore it by sending a 0x6F00 error or some equivalent error.

The problem would be the what-if: if the hardware only respects contactless mode, then the above code change would be devastating, simply ignoring all APDU commands until you delete the applet and reload one with yet another revision of the code.

Another thing to consider is how to manage switching the software contactless-disable flag I mentioned above off and on. If Yubico implements a contactless-disable flag in software, such an option does not exist in the OpenPGP specification, and this OpenPGP applet is merely trying to follow the OpenPGP specifications.

If you are using the Yubikey NEO, it would be highly advisable that you use it over USB instead of NFC interfaces. If you are worried about people walking past you to sniff your Yubikey, you could use one of those NFC/RF protection wallets or pouches, or make your own with a tightly sealed aluminium case if you have good handicraft skills.

In fact I do prefer the hardware isolation via some NFC/RF protection cases or pouches, because a software disable switch has to rely on the software in the lower layers of the stack, whereas hardware isolation via NFC/RF protection pouches and cases immediately isolates your Yubikey when you are not using it. When using it, you should only be using it via USB if you are afraid of NFC-related attack surfaces, and you should be isolated in a room with an air-gapped computer as the very least OPSEC measure, and also without any portable devices you suspect might introduce vulnerabilities in your OPSEC scheme.
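The interface check described in the comment above, written out as an added Java Card example (this is not code from the Yubico OpenPGP applet or from anyone in this thread). It uses the real `javacard.framework.APDU.getProtocol()` and `PROTOCOL_MEDIA_*` constants; the applet name, the proprietary CLA `0x80` / INS `0xE0` toggle command, and the persistent `contactlessDisabled` flag are hypothetical choices made here to illustrate the two concerns the comment raises: rejecting contactless APDUs with 0x6F00, and making the flag switchable only over the contact/USB interface so that a device with no contact interface can never lock itself out.

```java
package example; // hypothetical package, not the Yubico OpenPGP applet

import javacard.framework.APDU;
import javacard.framework.Applet;
import javacard.framework.ISO7816;
import javacard.framework.ISOException;

public class ContactOnlyApplet extends Applet {
    // Hypothetical proprietary command used only to flip the flag; the OpenPGP
    // card specification defines no such option, as the comment notes.
    private static final byte CLA_PROPRIETARY = (byte) 0x80;
    private static final byte INS_SET_CONTACTLESS_POLICY = (byte) 0xE0;

    // Instance fields live in persistent memory on Java Card, so the policy
    // survives power cycles. Default false: contactless keeps working until
    // the owner explicitly turns it off, which avoids bricking a contactless-only device.
    private boolean contactlessDisabled;

    public static void install(byte[] bArray, short bOffset, byte bLength) {
        new ContactOnlyApplet().register();
    }

    private ContactOnlyApplet() {
        contactlessDisabled = false;
    }

    // True when the current APDU arrived over an ISO 14443 type A or B (NFC) interface.
    private static boolean isContactless() {
        byte media = (byte) (APDU.getProtocol() & APDU.PROTOCOL_MEDIA_MASK);
        return media == APDU.PROTOCOL_MEDIA_CONTACTLESS_TYPE_A
            || media == APDU.PROTOCOL_MEDIA_CONTACTLESS_TYPE_B;
    }

    public void process(APDU apdu) {
        if (selectingApplet()) {
            return;
        }
        byte[] buf = apdu.getBuffer();
        byte cla = buf[ISO7816.OFFSET_CLA];
        byte ins = buf[ISO7816.OFFSET_INS];

        // Gate: when the policy is set, every command over NFC is refused with
        // SW 0x6F00 (ISO7816.SW_UNKNOWN), the status the comment suggests.
        if (contactlessDisabled && isContactless()) {
            ISOException.throwIt(ISO7816.SW_UNKNOWN);
        }

        // The toggle is honoured only over a contact/USB interface, so nobody can
        // re-enable NFC from the NFC side, and a device without a contact interface
        // can never set the flag in the first place.
        if (cla == CLA_PROPRIETARY && ins == INS_SET_CONTACTLESS_POLICY) {
            if (isContactless()) {
                ISOException.throwIt(ISO7816.SW_CONDITIONS_NOT_SATISFIED);
            }
            // A real applet would require the admin PIN to be verified before this
            // point; PIN handling is omitted here to keep the example focused.
            contactlessDisabled = (buf[ISO7816.OFFSET_P1] != (byte) 0x00);
            return;
        }

        // Normal OpenPGP command dispatch would follow here.
        ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
    }
}
```

The check sits at the top of `process()` so that no OpenPGP command, including VERIFY with the password the first comment is worried about, is ever parsed when it arrives over NFC while the policy is on. Keeping the default at "enabled" and refusing the toggle over contactless are what address the "what-if the hardware only respects contactless" concern: the worst case is that the flag simply cannot be set.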

@Morthawt

Morthawt commented May 5, 2020

What exactly is being referred to as far as plain text? The whole thing with OpenPGP in the YubiKey is that it is a black box that is secure, right? Or am I missing something?
