Organize and Share your Electronics the way you want. Sign-Up for a free account now. It takes only 30 seconds!

Breaking a Teensy U2F implementation: why you shouldn’t write your own crypto

Breaking a Teensy U2F implementation: why you shouldn’t write your own crypto

Aidan (a.k.a. makomk) writes:

A while ago, Google created a two-factor authentication scheme called U2F. The general idea is as follows. You have a little USB dongle that you can register with sites. When you enable U2F on a site, the dongle gives that site a public key and a key handle, and that dongle is the only device that can use that key handle to sign things with the corresponding public key. So from then on, websites can hand over the key handle and a challenge, and if they get back a valid signature they know that whoever’s logging in has the dongle you used to sign up.

More details at The Lair of Mako site.

Read more Here

 

More Articles to Read

App note: Testing inductors at application frequencies
App note: Testing inductors at application frequencies
App note: Working voltage ratings applied to inductors
App note: Working voltage ratings applied to inductors
1968 Princeton Reverb Repairs
1968 Princeton Reverb Repairs
Skill Sunday: Power Over Ethernet for Arduino
Skill Sunday: Power Over Ethernet for Arduino
More on Color TFT Displays ~ The Big Ones — 240 X 320
More on Color TFT Displays ~ The Big Ones — 240 X 320
Vertical Pole Climbing Robot
Vertical Pole Climbing Robot
ESP8266 Weather Station Projects
ESP8266 Weather Station Projects
Single tube Lethal Nixie clock
Single tube Lethal Nixie clock
How to make a simple 1 watt audio amplifier (LM386 based)
How to make a simple 1 watt audio amplifier (LM386 based)
Flashing Binaries to DRA7xx Factory Boards Using Device Firmware Upgrade
Flashing Binaries to DRA7xx Factory Boards Using Device Firmware Upgrade

Top




Shares