HMAC-SHA1 Challenge Response

I am looking for an app or some ability to use the flipper as a challenge response that uses HMAC-SHA1 via USB and NFC. This would allow the flipper to simulate a Yubikey.

The private key would have to be known and placed onto the Flipper, and then used as a 2FA Challenge Response.

1 Like

Not directly your request, but for reference:

  • U2F builtin app implements FIDO over USB
  • Authenticator external app implements TOTP over screen and BadUSB

I haven’t seen an app that does that yet. That’s a feature I have thought was missing for a while however I can’t recommend the Flipper for holding any secure login and here is the warning from Flipper Inc.

For security-sensitive websites, use certified U2F security keys

Flipper is not a “certified U2F security key” and this version most likely never can be due to hardware limitations.

Yes, very true. BUT if my Flipper is stolen, or lost. Then my account is compromised as they could “get the key”. Yet if my Yubikey is stolen or lost then my account is also compromised as well. In ether event I, I would have to make a new key and store it to a new Yubikey or Flipper and re-associate my accounts to the new key. So I guess I don’t get the difference.

The only concern I have is if I put an app on the flipper and that app would grab my key and somehow send it off to someone else (not sure how that would be possible) and they would clone it. That’s really the only concern I see. Unless I am mis understanding something.

I guess an app on the PC could grab files from it while it’s plugged in.

Point by point:

That’s why

  • YubiKeys have a PIN
  • 2FA is called like that. If you can login with just the second factor, it is a bad design.

Possible, if you run apps from untrusted sources. Some exfiltration vectors are:

  • Bluetooth or Sub-GHz to someone close
  • BadUSB when you plug it into machine
  • Some stego in RFID RAW’s or other files you may want to share online

A program on PC can

  • with nothing running and CLI is exposed
    • do anything
  • when U2F is opened
    • attempt to exploit some vulnerability (there was at least one) or
    • trick you into logging in the wrong website
  • when you plug your SD card into PC
    • steal the key files, but they are encrypted there.
  • in other modes (e.g. keyboard, flash, avrdude, UART, MIDI)
    • attempt to exploit some vulnerability (I’m not aware of any)
1 Like

I use my Yubikey as a second factor for my KeePass password management.

“YoubiKeys have a PIN” Not that I know of. I never enter a set of digits to use my HMAC-SHA Challenge Response.

" If you can login with just the second factor, it is a bad design." Fully agree!

“if you run apps from untrusted sources. Some exfiltration vectors are…” Agree

“A program on PC can” Anything on my PC could steal my password to log into KeePass as I type it in. And could read the memory and password as sent to applications etc.

If your system is compromised then you’re screwed. So back to my point being a “certified U2F security key” really needed? If it’s lost stolen or the system your using it on is compromised your screwed anyway.

When I am out on the road with just my cell phone and I need to log into say Google and I got my Google authenticator app with it’s new 6 digit number every 30 seconds on my phone along with a stored 15 character random password (as I can’t remember it) is logging in on my phone really 2nd factor? When that device has both my password and the authenticator app both on the same device? I don’t think so. So I moved my authenticator app off of my phone and used the authenticator app on my Flipper. Now I feel I am more secure. Because I must have both devices to gain access to my account.

Just because the Flipper is not fort knocks security, it can still provide increased security in some ways.

Anyway. Back to the original need, it would be nice if someone could make an app to perform HMAC-SHA Challenge Response on the flipper.

You are concerned about the Yubikey and you are using the Google authenticator at the same time?

Hey, the GA is in the cloud, one time set up, available on all my Google devices! Google Online Security Blog: Google Authenticator now supports Google Account synchronization

Not end-to-end encrypted: Google's New Authenticator Isn't End-to-End Encrypted: Test
A little more practical: Google Authenticator Sync security concerns, What IT should do- Specops Software

I’ve tested some OTP. I started with Microsoft authenticator, because my first project was an admin account in AzureAD. Nice, worked for all use cases.
Than I started with the Yubikey Authenticator. Much more secure, but not for all, because you need a Yubikey to open … More secure, less comfortable.
And in the beginning of 2021 I started with the Google authenticator, until the point they moved it to the cloud. One thing I like about the OTP is, that it is not connected to the internet. For security.

I don’t mention the various small solutions, like FortiToken, BlahPass+ … and some bad designed OpenSource ones.

I’m not concerned about anything. I would like to see the Yubikey HMAC-SHA1 Challenge Response implemented on the Flipper Zero. And I feel the reason not to “Flipper is not a certified U2F security key” is not a valid reason. As the Yubikey can be just as insecure as the flipper if not used correctly.

The reason I use Yubikey HMAC-SHA1 Challenge Response is because it works by plugging it into my PC to access KeePass and also as NFC on my phone to access KeePass. None of the other Authenticator options will work that way with KeePass that I know of.

This is the concern. The key can potentially be copied without your knowledge. That could be done a number of different ways. Someone could remove the SD card and copy the file. You could leave a digital backup somewhere and it could be compromised. Or in your example someone pulls a reverse shell on your computer and ssh into your Flipper.

Not a Yubikey feature but there actually is at least one U2F key that has a pin. I believe Yubikey has one coming out with a fingerprint reader though. ( YubiKey Bio Series)

There is the new passkey function. In that case a Yubikey could potentially be used as the primary authentication method. I don’t think Flipper U2F supports passkey. A username is still needed. I would not use that function without at at least the fingerprint option.

Yubikey also has a password mode that allows it to enter passwords.

This one wouldn’t just work. Files on SD are stored encrypted with SE key #2 (the device-unique one)

And I still consider it a BadIdea™.

1 Like

Can you point me to that? I don’t see it in documentation. I’d like to learn more such as what stops someone from stealing that key and if there is a way to use it in our apps. I assume it’s not on the SD card which in my mind brings the question “Why doesn’t Flipper allow encryption of other files?” Even if it isn’t perfect it would be nice to be able to encrypt certain captured files.

The authenticator app I think uses the built in encryption string stuff. I am not smart enough to understand but Flipper does not provide file level encryption but stuff can still be encrypted from my understanding using a key that’s on the device. I think the ability for the key to be extracted is possible.

So in my use case, the private key would be stored on the flash card yet encrypted in some form with the internal key. But that’s all I know. If you look into the Authenticator app more it may explain.

I also could be completely wrong.

See: Is it secure? · akopachov/flipper-zero_authenticator Wiki · GitHub

That link is very helpful. So the Flipper is indeed needed to crack it. Of the attacks I mentioned I think the reverse shell attack is the most likely. As long as you aren’t targeted it seems an unlikely attack. You could further reduce you risk by not charging Flipper with your PC, choosing a PIN, and not leaving it plugged in to the PC when not in use. Truthfully your pretty well doinked if someone has a reverse shell on you PC in the first place.

That said I think the PIN might be easily cracked in most cases.

IIRC main PIN lives in clear in some internal memory file and Authenticator PIN lives ‘almost-in-clear’ (with the same key) in its config, without cryptographically protecting anything.

That’s not a great way to handle a pin. Should be hashed and salted.

What is IIRC?

IIRC = If I Remember Correct.

With 4^4=256 possible values?
Only if you manage to engage CPU2 to help you. And in Flipper, CPU2 runs ST’s Bluetooth blobs.

1 Like

You’re saying Flipper can’t even do that? Sadly everyone my approximate age used the exact same pin because… famous video game cheat code.