Today my Yubikey arrived in the mail, which is a hardware token (what you have) used for multi-factor authentication. It is by default tied into their cloud web authentication service, allowing you to authenticate a device via an OTP over simple RESTful APIs. They have a number of libraries and plugins, one of which is for WordPress, allowing for two-factor authentication to log in to the blog.

For those of you who are extra paranoid, they also provide libraries to parse the OTP responses to host your own validation server, and you can generate your own keys to store on the device (it stores up to 2). It can be configured to generate driver-less (well, HID keyboard) Yubico OTP, static passwords (for long passwords), or HMAC-SHA1 responses.

I’ve decided to use the HMAC-SHA1 challenge-response configuration on the second slot for a guarded data store, where the data is encrypted by the HMAC response to a given challenge, and on each decryption, re-encrypted with a different challenge-response pair. This will allow for the Yubikey to enable network-less protections. From there I’d like to extend that to the existing Linux FDE Yubikey solution. I certainly will be standing on the shoulders of giants in terms of my contributions, but I hope they will be well received.
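A sketch of the rolling challenge-response store described above, as an added example that is not the author's code. It assumes a software HMAC-SHA1 function (`token_response`, with a constructed secret) in place of the Yubikey's second slot, and uses an HMAC-SHA256 keystream with encrypt-then-MAC as a standard-library stand-in for a real authenticated cipher; all function names are hypothetical.

```python
import hashlib, hmac, os

def token_response(secret: bytes, challenge: bytes) -> bytes:
    """Software stand-in for the token's HMAC-SHA1 challenge-response slot."""
    return hmac.new(secret, challenge, hashlib.sha1).digest()

def derive_keys(response: bytes):
    """Split the 20-byte response into independent encryption and MAC keys."""
    return (hmac.new(response, b"enc", hashlib.sha256).digest(),
            hmac.new(response, b"mac", hashlib.sha256).digest())

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 in counter mode; stdlib stand-in for a real AEAD cipher.
    Safe only because every fresh challenge yields a key that is used once."""
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hmac.new(key, ctr.to_bytes(8, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(respond, plaintext: bytes) -> dict:
    """Encrypt under the response to a fresh random challenge."""
    challenge = os.urandom(32)
    enc_key, mac_key = derive_keys(respond(challenge))
    ct = keystream_xor(enc_key, plaintext)
    tag = hmac.new(mac_key, challenge + ct, hashlib.sha256).digest()
    return {"challenge": challenge, "ct": ct, "tag": tag}  # challenge is stored in the clear

def open_and_roll(respond, blob: dict):
    """Decrypt, then re-seal under a new challenge while the token is present."""
    enc_key, mac_key = derive_keys(respond(blob["challenge"]))
    expect = hmac.new(mac_key, blob["challenge"] + blob["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(expect, blob["tag"]):
        raise ValueError("wrong token or modified store")
    plaintext = keystream_xor(enc_key, blob["ct"])
    return plaintext, seal(respond, plaintext)  # second token query per open

if __name__ == "__main__":
    SECRET = bytes(range(20))  # constructed slot secret
    respond = lambda c: token_response(SECRET, c)
    store = seal(respond, b"guarded data")
    data, store = open_and_roll(respond, store)
    print(data, store["challenge"].hex())
```

Each open costs two token queries, one for the stored challenge and one for the fresh one, and a response captured for an old challenge no longer decrypts the store once it has been rolled.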


Long Time No Post

It’s been quite a while since I’ve posted here, and to my devout readers I apologize. As many of you know, this has been my last semester of my undergraduate studies, so I have been very busy over the past few months. This post will hopefully act as a dump of what I’ve been up to and what I will be doing until my next post.

Things I did:

  • Developed a method for calling parts of functions to minimize/obfuscate programs
  • Worked with Ryan on OSP to get a web based cluster management system integrated into the cluster administration page
  • Played with return-to-libc attacks and got them working on the latest version of Ubuntu Linux

Things on the horizon:

  • Working full-time for AIS
  • Traveling to Iceland for 3 weeks
  • Working on a computer security textbook
  • Running a marathon in August

It is very weird to me to think that today is the last day of classes for me as a traditional full-time student. I’ve been going to school since I was 5 and it is very weird to think that come August I will not be returning to the classroom as my primary pastime. I am excited to travel and get away from the normal swing of things for a while to reflect on the new changes in my life, and excited to begin working, especially due to the extra leisure time after work.

Hurry Up and Slow Down

Now that I’ve had a chance to settle into my new apartment above Misty Hollow on Market Street, and I have all the needed utilities, I thought I’d take a break and reflect on my first two weeks of my senior year. My schedule this semester has me in class for 11 hours Monday and Wednesday, and practically without class the other weekdays (I do have class every few Saturdays). This schedule is requiring some work to get used to: either I’m feeling rushed to make it to my next class and keep everything straight (philosophy to statistics) or I’m wondering what to do with all my spare time. I have, however, found a few things to keep myself occupied on my off days. I’m working for Clarkson as a campus photographer, shooting lots around the area for brochures, the website or mailings. This is a great way for me to practice and improve my photography skills and work with a professional! I will update my Flickr when I have some great shots, so keep checking it out! Of course I’m also still the co-director of COSI, which has a large amount of interest this year, and I’m hoping for good things to turn up. Naturally I’m still working on my baby, OSP (a post on that soon). Lastly, I’ve joined the Potsdam Rescue Squad, and am enrolled in the NY state EMT course, which I am enjoying, and I am excited to become a more useful member as my knowledge grows.

Well, I think that about covers all in my life for the time being.

