Re: [qubes-users] Yubikeys in Qubes

2016-12-03 Thread Marek Marczykowski-Górecki
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On Sat, Dec 03, 2016 at 11:24:28AM -0800, Micah Lee wrote:
> On 12/02/2016 06:50 PM, Leeteqxv wrote:
> > Is it not possible to configure this to having the Yubikey require the
> > person to press the key button manually/physically?
> > If not, such a limitation would lie in the software rather than in the
> > Yubikey, I assume, since the Yubikey support Challenge-Response and such
> > already? If possible, it is definetely preferable to work around
> > potential PIN theft and subsequent hidden (mis)use by requiring a
> > manual/physical action.
> 
> The problem here is that products that can be used as OpenPGP smart
> cards, like the Yubikey, can't just make arbitrary features like
> challenge-response for secret key operations. They need to implement the
> OpenPGP specification so that all software that works with them (GnuPG,
> OpenKeychain, others) can implement the same spec, and everything can just.
> 
> The spec currently supports requiring a PIN to do secret key operations,
> with rate limiting that makes too many invalid PIN guesses locks the
> card. In order to support challenge-response as well I think the OpenPGP
> smart card spec would need to get updated, which is a much longer
> process that just writing some new software.

Some kind of OTP probably could be framed into PIN. Anyway, this does
not solve much bigger problem, that is no protection of the data itself
- - USB VM can intercept the communication and replace/capture what you
want to sign/decrypt.
If there is some protocol to use smartcard over the network, such
protocol probably handle this problem. Not sure if it's possible to use
it here, especially when limited to what Yubikey firmware supports...

- -- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQEcBAEBCAAGBQJYQyEoAAoJENuP0xzK19csNroH/1QEeJN2MwHbBTo+g3JlNsNZ
MXs22kmz41evg7lKwwoAuA8/XihRppv0EBPUyEMMi1JmlGgd4Phlafok3rFmILnd
cRG3NsV6Wv69/9aSbxfId6NEEjO5toKdt4DLhR5nVwVamFOCqgVGLxchGzRMMN8E
JrhJ1mxn3w12AufFvtMF7jKXNIiY3REf6kVBjqUcsJmwnW1Tt4WJ+KS8IShCEaJm
i7IfWggxlzKgo4rMXdK22m7G9uvncG6TAMZuonHu92pzuLDoU40iPdpEUmQJyKtF
pibJExdgXHkJicl3j5kwHV0JOyNzgCQkId4fhsVxvexYeuvh9nRaUKwZN+wiAsw=
=Nu+O
-END PGP SIGNATURE-

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20161203194648.GZ2130%40mail-itl.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Yubikeys in Qubes

2016-12-03 Thread Micah Lee
On 12/02/2016 06:50 PM, Leeteqxv wrote:
> Is it not possible to configure this to having the Yubikey require the
> person to press the key button manually/physically?
> If not, such a limitation would lie in the software rather than in the
> Yubikey, I assume, since the Yubikey support Challenge-Response and such
> already? If possible, it is definetely preferable to work around
> potential PIN theft and subsequent hidden (mis)use by requiring a
> manual/physical action.

The problem here is that products that can be used as OpenPGP smart
cards, like the Yubikey, can't just make arbitrary features like
challenge-response for secret key operations. They need to implement the
OpenPGP specification so that all software that works with them (GnuPG,
OpenKeychain, others) can implement the same spec, and everything can just.

The spec currently supports requiring a PIN to do secret key operations,
with rate limiting that makes too many invalid PIN guesses locks the
card. In order to support challenge-response as well I think the OpenPGP
smart card spec would need to get updated, which is a much longer
process that just writing some new software.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/7b55411b-5d84-6919-3e6e-1be2b8e429a7%40micahflee.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Yubikeys in Qubes

2016-12-03 Thread Andrew David Wong
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On 2016-12-02 18:50, Leeteqxv wrote:
> On 02/12/16 20:15, Micah Lee wrote:
>> On 12/01/2016 04:37 PM, Marek Marczykowski-Górecki wrote:
>>> The tool run by qvm-usb does support alternative device identification
>>> - using product and vendor ID. Also to specify which device to attach.
>>> This isn't exposed by qvm-usb tool, because it may be ambiguous, but may
>>> be useful here. See README for more details:
>>> https://github.com/QubesOS/qubes-app-linux-usb-proxy
>>> I acknowledge that your solution is better in some aspect: it exists and
>>> works :)
>> It seems, from my brief testing, that all Yubikeys of the same version
>> have the same product and vendor ids. That still might be preferable to
>> grepping for "Yubikey" though.
>>
>>> Is communication with YubiKey encrypted, or at least somehow
>>> authenticated? Otherwise malicious USB VM could easily perform some kind
>>> of man in the middle attack and for example sign document you really
>>> didn't want to sign. Or decrypt arbitrary data. It's possible even when
>>> physical confirmation (button) is required - by simply waiting until you
>>> perform *some* operation.
>> It is authenticated, but unfortunately I don't think in a secure way.
>> When you use any OpenPGP smart card you have to set a PIN to use it, and
>> you have to authenticate with the smart card using the PIN. In the case
>> of Yubikeys, you type the PIN using the gpg pinentry program (some smart
>> card readers have physical keypads to type the PIN, so software
>> keyloggers on the computer can't steal the PIN). But I'm pretty sure
>> that the PIN you type in, in plaintext, gets sent to the Yubikey, so
>> your usbvm could probably log the PIN the very first time you use your
>> smart card, and then use it as much as it wants after that without you
>> knowing.
>>
>> Also, I'm pretty sure none of the communication is encrypted. To decrypt
>> a message on a smart card, you send the ciphertext (and a PIN, if it
>> isn't cached) to the smart card, and it decrypts it responds with the
>> plaintext. So likely, the usbvm could spy on the plaintext of decrypted
>> messages.
>>
>> Unfortunately Yubikeys don't support pressing the physical button for
>> secret key operations. Those are preserved for 2FA and static passwords.
>>
>>> This is general problem with USB devices, which are hard to solve with
>>> the current USB infrastructure (USB VM can do anything with any device
>>> connected to it). Without some fundamental USB rework - probably at
>>> hardware layer, I think the only alternative is protecting the data at
>>> individual device protocol level (like you do with encrypted USB sticks
>>> for example).
>> Sad, but reality.
>>
> Is it not possible to configure this to having the Yubikey require the person 
> to press the key button manually/physically?
> If not, such a limitation would lie in the software rather than in the 
> Yubikey, I assume, since the Yubikey support Challenge-Response and such 
> already? If possible, it is definetely preferable to work around potential 
> PIN theft and subsequent hidden (mis)use by requiring a manual/physical 
> action.
> 

As Marek explained above, requiring a manual/physical button press doesn't
solve the problem:

"Is communication with YubiKey encrypted, or at least somehow
authenticated? Otherwise malicious USB VM could easily perform some kind
of man in the middle attack and for example sign document you really
didn't want to sign. Or decrypt arbitrary data. It's possible even when
physical confirmation (button) is required - by simply waiting until you
perform *some* operation."

- -- 
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-BEGIN PGP SIGNATURE-

iQIcBAEBCgAGBQJYQo5OAAoJENtN07w5UDAwADMQALNqWqC2Z+BVz8Zfd0gKG2an
U36zDNGJUM7ymj92AZqJw7gKQMHk46V4e3CPAQ1fCuuWG538nQzrhdkgMT5b242l
Anc14DdfHpHC58ZhtHL8BFPS89ApuiqgEW0QMxqp751rIry53s9ox+eO/MpVlCrE
X0RU7WKabBNP/lIxDtC9mf3yAtyhA9d4iHwyuRM+oARPe6MYxJJjKgz4HBYoRqOu
SFDfs+rZ577fJSr6kvn/vNBtaXeWCldPXnIoCToTWoihO5F8qr3uLvMVWFj+wF3Q
lnMv8W5192zDTcsEZGWWVPDAQ/VBF4LoEOBsUJyPYITOFong85fPYN0cGK1QOesH
DWPxfTcTfIKLLnDnpPnkvRJGiT9ovilWyb9MK01KxLaQ2Ix1dsgrGvdDXntWHleg
jGp4P/KT8U11omYJVDleWUv+1LSspHVVBPrbwn05WyPi4qN0uWphlFU2KoQtvDLs
cCjV8uNpdDh6xKndTyrJibvcTNSigr5tvYpOySuMt/iO7LPGhDdOZ9zMY9KSo1cE
p2Q5TdO1a6otB30+vphkn53XQlrXsvtOKIF1if2u7B5R1PyOxjKpz/7QN61913o3
roLxaSSYEF/6DWi289JayVsYutbXbxlnhzgqg8ac3ibmdgRNlSoT1EP4jmMPtReH
LMj8MpxMuBq4I12wlr+R
=2myJ
-END PGP SIGNATURE-

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/39351458-901b-4706-7875-ac9d888fbc38%40qubes-os.org.
For more 

Re: [qubes-users] Yubikeys in Qubes

2016-12-02 Thread Micah Lee
On 12/01/2016 04:37 PM, Marek Marczykowski-Górecki wrote:
> The tool run by qvm-usb does support alternative device identification
> - using product and vendor ID. Also to specify which device to attach. 
> This isn't exposed by qvm-usb tool, because it may be ambiguous, but may
> be useful here. See README for more details:
> https://github.com/QubesOS/qubes-app-linux-usb-proxy
> I acknowledge that your solution is better in some aspect: it exists and
> works :)

It seems, from my brief testing, that all Yubikeys of the same version
have the same product and vendor ids. That still might be preferable to
grepping for "Yubikey" though.

> Is communication with YubiKey encrypted, or at least somehow
> authenticated? Otherwise malicious USB VM could easily perform some kind
> of man in the middle attack and for example sign document you really
> didn't want to sign. Or decrypt arbitrary data. It's possible even when
> physical confirmation (button) is required - by simply waiting until you
> perform *some* operation.

It is authenticated, but unfortunately I don't think in a secure way.
When you use any OpenPGP smart card you have to set a PIN to use it, and
you have to authenticate with the smart card using the PIN. In the case
of Yubikeys, you type the PIN using the gpg pinentry program (some smart
card readers have physical keypads to type the PIN, so software
keyloggers on the computer can't steal the PIN). But I'm pretty sure
that the PIN you type in, in plaintext, gets sent to the Yubikey, so
your usbvm could probably log the PIN the very first time you use your
smart card, and then use it as much as it wants after that without you
knowing.

Also, I'm pretty sure none of the communication is encrypted. To decrypt
a message on a smart card, you send the ciphertext (and a PIN, if it
isn't cached) to the smart card, and it decrypts it responds with the
plaintext. So likely, the usbvm could spy on the plaintext of decrypted
messages.

Unfortunately Yubikeys don't support pressing the physical button for
secret key operations. Those are preserved for 2FA and static passwords.

> This is general problem with USB devices, which are hard to solve with
> the current USB infrastructure (USB VM can do anything with any device
> connected to it). Without some fundamental USB rework - probably at
> hardware layer, I think the only alternative is protecting the data at
> individual device protocol level (like you do with encrypted USB sticks
> for example).

Sad, but reality.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/6c322b41-e60f-d577-d15d-6cf7884ee8cf%40micahflee.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Yubikeys in Qubes

2016-12-02 Thread Micah Lee
On 12/01/2016 05:14 PM, Chris Laprise wrote:
> What is an acceptable / secure way to obtain a Yubikey fob?

Unfortunately it's kind of hard to find Yubikeys in retail stores. You
might check here to see if you can find one close to you:
https://www.yubico.com/store/resellers/

Otherwise, you kind of have to order them online. It might make sense to
have one person do a single bulk order and pay for the fastest shipping
(to reduce the window for interdiction), and then distribute them to in
person to friends who want them. But of course it's not perfect.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/2cda7f76-87c2-a192-c59c-dcd3f68a8837%40micahflee.com.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Yubikeys in Qubes

2016-12-01 Thread Chris Laprise

What is an acceptable / secure way to obtain a Yubikey fob?

Chris

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/3e45d682-b49f-a91d-817d-13e541a41d94%40openmailbox.org.
For more options, visit https://groups.google.com/d/optout.


Re: [qubes-users] Yubikeys in Qubes

2016-12-01 Thread Marek Marczykowski-Górecki
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On Thu, Dec 01, 2016 at 03:54:51PM -0800, Micah Lee wrote:
> I just wrote a quick blog post about using Yubikeys in Qubes.
> Specifically, I wanted to share a script that will use qvm-usb to attach
> your Yubikey to your gpgvm no matter what USB port you plug it into.
> 
> https://micahflee.com/2016/12/qubes-tip-making-yubikey-openpgp-smart-cards-slightly-more-usable/

Thanks! That's interesting. I'd add two things:

The tool run by qvm-usb does support alternative device identification
- - using product and vendor ID. Also to specify which device to attach. 
This isn't exposed by qvm-usb tool, because it may be ambiguous, but may
be useful here. See README for more details:
https://github.com/QubesOS/qubes-app-linux-usb-proxy
I acknowledge that your solution is better in some aspect: it exists and
works :)

Is communication with YubiKey encrypted, or at least somehow
authenticated? Otherwise malicious USB VM could easily perform some kind
of man in the middle attack and for example sign document you really
didn't want to sign. Or decrypt arbitrary data. It's possible even when
physical confirmation (button) is required - by simply waiting until you
perform *some* operation.
This is general problem with USB devices, which are hard to solve with
the current USB infrastructure (USB VM can do anything with any device
connected to it). Without some fundamental USB rework - probably at
hardware layer, I think the only alternative is protecting the data at
individual device protocol level (like you do with encrypted USB sticks
for example).

- -- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iQEcBAEBCAAGBQJYQMJNAAoJENuP0xzK19csL6UIAJqJSD49PwzMOJBoYVHIWsuM
sraQDLT8gkArL7P6vWmCZhd/U6ZMurcXlcrFvjW9bUWm7siOmJn5NpU5DG0ve5pS
I83BSkymhGMynXzZCHfW0Sf9hJdOgBtnnpqSTPTfsAXuR8JV3OV6/GbslvcbIOqU
JofhflbhqvD9tPI8q7smG6RyRUGH8KXDI8HVgjewlPfHqUNpXF/aZpWLfIhQBesU
VPjmgSmOz8ioi9JwlFzJrLkPbp75xx23E5/sl5Bd6BRm2tG+6lZtfbLFH7nk17ci
QbjekfytI5/eTKb542OL9UPlUF/6m0Qj5jasrxy4CUbmKC1LEPIQrNPH4kyA06s=
=hZPo
-END PGP SIGNATURE-

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/20161202003732.GA1371%40mail-itl.
For more options, visit https://groups.google.com/d/optout.