Releases: trustcrypto/OnlyKey-Firmware
OnlyKey Firmware Beta 6
Beta 6 "OnlyKey Quantum" Release Notes
This release of OnlyKey firmware adds many new features, some of which are the first of their kind anywhere.
In order to update OnlyKey follow the instructions in the User's Guide here
New Major Features
OpenPGP Everywhere
First, we implemented a communication channel over U2F to support OpenPGP in any browser that supports U2F. This means no drivers or software are needed -- it works directly in Google Chrome and Firefox Quantum. Second, we integrated with Keybase.io to manage public keys. This means that to send a secure message, all that is required is the Keybase, Facebook, or Twitter ID of the recipient and your private key never leaves your OnlyKey. We have documented the details of this open source implementation and it is ready for integration into other OpenPGP compatible projects.
Our New Open Source Apps
WebCrypt - This is a great on-the-go OpenPGP option. If you need to send a secure message, just browse to https://apps.crp.to/encrypt-test and compose a message. Your private key always stays safe on OnlyKey, and, since WebCrypt is a static webpage, all of the work is done in your browser through JavaScript. This means that the message you compose is never sent out over the internet. Once your message is encrypted, you can paste it into an email, IM, or whatever. To decrypt, browse to https://apps.crp.to/decrypt-test. Currently this app is available for testing and a production app will be ready soon.
BrowserCrypt - This is a good everyday-use OpenPGP option. If you need to send a secure message, just add the BrowserCrypt Chrome extension and your Keybase friends one time. Then, whenever you want to send secure messages, just right click and select who you are sending the message to. Currently this app is available for testing and a production app will be ready soon.
In this release, we have streamlined SSH authentication. Now, a unique key is generated automatically on OnlyKey for every username@hostname combination. It's super easy to set up, and then OnlyKey can log you in automatically:
- Generate a public key using onlykey-agent
$ onlykey-agent [email protected]
- Log into your server as usual and add the row containing the output from the previous step into ~/.ssh/authorized_keys file on your server.
e.g.,
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFwsFGFI7px8toa38FVeBIKcYdBvWzYXAiVcbB2d1o3zEsRB6Lm/ZuCzQjaLwQdcpT1aF8tycqt4K6AGI1o+qFk= [email protected]
- From now on you can log in to your server using OnlyKey using the following command:
$ onlykey-agent -c [email protected]
Other Features
On-The-Go slot labels
Hold down the #2 button for 5 seconds to type out the SLOT labels. This means if you're not sure what account is stored in an OnlyKey slot, and you don't have the OnlyKey app or the provided card handy, you can still easily find out.
On-The-Go Google Authenticator (TOTP)
One thing that users may notice is that if you don't have the OnlyKey App installed, instead of typing out the 6 digit OTP code, OnlyKey types out "NOTSET". This is because the OnlyKey App sends the current time to OnlyKey when it is first plugged in. (TOTP stands for Time-based One-time Password and the current time is required for it to work.) A device like OnlyKey that has no battery is unable to keep the current time. With the introduction of WebCrypt, this is no longer an issue. If you don't have the OnlyKey App installed, you can still use Google Authenticator codes on-the-go by browsing to https://apps.crp.to/encrypt-test before you try to log in. WebCrypt automatically sets the time on OnlyKey.
U2F backup/restore
U2F uses a counter that increments every time a user authenticates. This is good for security, but is a problem for backup and restore of a U2F profile. With this release, the counter is automatically incremented (using current time as counter). This means that U2F may now be backed up and restored seamlessly. You can even have two OnlyKeys (primary and backup) that are registered as the same U2F security key and both will work to login.
Yubico OTP backup/restore
The same counter issue applies to Yubico's Open Source OTP implementation. With this release, the counter is automatically incremented when a restore occurs to enable seamless backup and restore. You can still only have one Yubico OTP device active at any time, now when you restore the new OnlyKey becomes the active device.
OnlyKey input delay
Now after unlock and after entering a challenge code, there is an input delay of a few seconds to mitigate accidental button press.
SSH now supports P256 and Curve25519 keys.
TweetNaCl used for end-to-end encryption between WebCrypt/BrowserCrypt and OnlyKey.
On-device key generation for ECC keys (Curve25519, NIST P256, secp256k1)
The public key is returned to the app. Support for this feature in the app will be added in a future release.
On-device backup key generation for ECC keys (Curve25519, NIST P256, secp256k1).
The private key is returned to the app. Support for this feature in the app will be added in a future release.
On-The-Go key labels
Just as with slot labels, the key labels can be typed out. Holding down the #3 button for 5 seconds will type out the key labels. Key labels permit setting a name for keys (i.e., My email key) and will be used by future app releases.
Linux Typing Issue Fix
With a recent Linux release capital letters were not working correctly. Thanks to user Alexey for reporting this issue and identifying a fix. The fix has been implemented in this release. More details here.
Additional Character Fields
Some web pages do not automatically highlight username and OTP fields. This requires setting a delay so that there is time to manually click in the field. With this release we are adding an option to enter a tab before the username and OTP entry to add wider support for web pages that do this. More details here. Support for this feature in the app will be added in a future release.
SHA 256 checksums
OnlyKey_Beta6_STD_Color.cpp.hex
68f2ba7a23e6d4983cb47d4318e8eedbb86ecdf094feaf4928383ade88eb9150
OnlyKey_Beta6_STD_Original.cpp.hex
309da576981b0f9cf811f577467c8e214ce761bc543f7a469eed25e43c0dd811
OnlyKey_Beta6_IN-TRVL_Original.cpp.hex
018c2f3fda8f958653e9e3f0c686ca1b9f84c2d5f1dab182b6efa8d2428234e8
OnlyKey_Beta6_IN-TRVL_Color.cpp.hex
d50ffa47c1e201fea4f77cddc3ad49e3afeb5873c537281569df65d12e27749d
OnlyKey Firmware Beta 5
The beta 5 release of OnlyKey firmware includes fixes to the backup / restore feature and introduces a name change in the OnlyKey firmware versions.
Previously, the firmware version with encryption was called the US version and the version without encryption was called the international version (explanation why included in OnlyKey User's Guide). This is being changed to Standard Edition and International Travel Edition as this better describes the purpose and function of the two versions. We will be releasing additional documentation on this feature and "An OnlyKey user's guide to international travel, encryption, and plausible deniability" to explain in more detail these features and how to best use them.
SHA 256 checksums
OnlyKey_Beta5_STD.cpp.hex
2eb241a376b2493b2fd57d33ee2d30b2a 8ac9262f2ace44f2b433759b5af7e33
OnlyKey_Beta5_STD_Color.cpp.hex
70a350f6f143090b63aefff5aad192a1894 0e3f20ee6649ebe905e0b186656d6
OnlyKey_Beta5_IN-TRVL.cpp.hex
f0f7a83162578b35d82af9a4e023564fe5 a5b7f8e74d50c7604147c1a6ce15a4
OnlyKey_Beta5_IN-TRVL_Color.cpp.hex
0b9af89af7c37ee97af05a7f0605e5ac9a 510b7cd402753e8095d99cd958d3ad
OnlyKey Firmware Beta 4
Beta 4 Release Notes
The beta 4 release of OnlyKey firmware introduces feature enhancements, new features and is the first release for OnlyKey Color™
The OnlyKey Color is fitted with a multi-color LED that provides additional benefits over the original OnlyKey including:
- Easier to see - This light is much brighter than the original OnlyKey LED.
- Haptic feedback - It's a lot easier to recognize key presses.
- Meaning behind the color - The color LED definitions are:
- Steady Green Light = Unlocked
- No Light = Locked
- Single Yellow Flash = Button Pressed for PIN entry
- 3 Red Flashes = Wrong PIN
- Continuous Red Flashes = Exceeded PIN tries
- Continuous Green Flashes = Backup and restore is complete.
- Blue Fade in and Fade out = U2F request
- Purple Fade in and Fade out - Private key signing request (SSH or PGP)
- Turquoise Fade in and Fade out - Private key decryption request
- Red Fade in and Fade out - Device is in config mode
Enhancements in this release
- Increased max length of passwords to 56 characters.
- Increased max length of usernames to 56 characters.
- Increased max length of labels to 16 characters.
- Increased ECC key storage from 1 to 32 private keys.
- Option to choose RETURN after a password or NONE.
New Features introduced in this release
-
URL field (length 56) - Now in addition to storing a username, password, and 2FA in each slot you can store the URL of the login page. This allows a true one touch login. With this feature the OnlyKey now can type out the URL for the login page into your browser, then type out your username, password, and 2FA.
-
Key Storage - We introduced an experimental feature in the last OnlyKey release that allows you to use OnlyKey to store a private key that can be used for SSH authentication. We are expanding this so that you can store 32 ECC private keys and 4 RSA private keys. Each key also has a label assigned to it so just like with slots, an identifier can be assigned to each key. Under the hood -
- Up to 32 ECC keys are supported of type curve25519, P256 (NIST), and secp256k1 (Used for Bitcoin)
- Up to 4 RSA keys are supported with key sizes 1024, 2048, 3072, and 4096 bit keys.
-
Key Functionality - In addition to using private keys for SSH authentication we are building a framework that will permit use for signing (OpenPGP email/file signing), decryption (OpenPGP email/file decryption), and our new backup feature.
-
SSH Authentication - Currently only ECC keys are supported for SSH authentication. Using the OnlyKey agent ssh authentication can be accomplished by storing a key on the OnlyKey and setting it as an authentication key. The benefit this provides is that your private key is never exposed on a computer where it can be compromised by hacker.
-
Email/File Decryption - Using the OnlyKey PGP Message Tool, the OnlyKey supports decryption of email and files using OpenPGP (PGP/GPG compatible). This feature is currently released as experimental, to try it out we recommend encrypting emails with Mailvelope (Using RSA 4096 Key) and decrypting with the OnlyKey PGP Messege Tool. The benefit this provides is that your private key is never exposed on a computer where it can be compromised by hacker.
-
Email/File Signing - Using the OnlyKey PGP Message Tool, the OnlyKey supports signing of email and files using OpenPGP (PGP/GPG compatible). This feature is currently released as proof of concept, additional work is needed to properly generate signatures that can be validated.
-
Secure Backup/Restore - Encrypted backup is now a built-in feature. Just like many other features on the OnlyKey, backups are possible on any computer. It essentially works like this:
Step 1. Load a key and select it as backup key.
Step 2. Hold the #1 button down for over 5 seconds.
Step 3. The OnlyKey types out (keyboard) a backup text file that is encrypted using the backup key.
To restore from backup - Just load the same backup key on this or another OnlyKey and load the backup text file to the OnlyKey using the OnlyKey App. When complete the OnlyKey will contain the same data as the backup.- Config Mode - This secondary feature has been added to provide additional protection against the following scenario:
Bob leaves his OnlyKey unlocked and plugged into his computer and walks away, Alice walks up and loads her key onto Bob’s OnlyKey and sets this as the backup key and then uses this to create a backup. Alice now has the encrypted contents of Bob's OnlyKey and knows the key.
While Bob should not have left his device unlocked and unattended we still want to prevent this scenario so first a device must be in config mode to load keys or to restore from backup. To put a device in config mode hold the #6 button down for 5 seconds on an unlocked OnlyKey, then re-enter the PIN. This ensures that only someone who knows the PIN can select the private key used to create a backup.
Note - Backups only supported on US version firmware and not while in plausible deniability mode. The reason is the backup requires encryption and plausible deniability requires being able to deny that any encryption is used.
SHA 256 checksums
OnlyKey_Beta4_US.cpp.hex
9f0a9f86ba0208c1f64a2b7dd20216b1ccba368fd60b73b1c5da5133f34fa9d9
OnlyKey_Beta4_US_Color.cpp.hex
18121c051c018d31a5cf904852a85b93ae99a843c08e6cb3213de28146779798
OnlyKey_Beta4_IN.cpp.hex
3e30f4b691e317759cb5164b80e8db5ef4a6f10b7338286f7d906b2ec99507cc
OnlyKey_Beta4_IN_Color.cpp.hex
11b219eca6cb58a859ad28772a749243b1110b16b363f3bb308c05a1ec7bfd48
OnlyKey Firmware Beta 3
Beta 3 Release Notes
Configurable Inactivity Lockout
Now the user is able to set their own lockout period. This is the amount of time that the OnlyKey should remain unlocked while not being used. The default value is 30 minutes.
Configurable Keyboard Type Speed
Now the user is able to set their own type speed. Setting a custom type speed may be desirable in cases where the application you are using can not keep up with fast typing. Or if you don’t use any applications like this you can have the text typed at top speed for the fastest logins.
Configurable Wipe Mode
If you are using the plausible deniability feature there is one scenario where an adversary may be able to determine that you were using the plausible deniability feature. This is possible if the adversary enters 10 incorrect PINs causing your OnlyKey to wipe all data and then they go to reconfigure the PINs and see that they can set both a regular PIN and a PD PIN. Since only the U.S. version firmware allows setting both PINs the adversary would know that your OnlyKey is running the U.S. version firmware. At this point the device is wiped the adversary would not have access to any sensitive information but the adversary would know that your device is capable of encryption which in some areas may be undesirable. To address this issue you can now set the wipe mode of your OnlyKey to Full Wipe. Given the same scenario with Full Wipe set when 10 incorrect PINs are entered the device will completely wipe all information including the firmware from your OnlyKey. No useful information would be available to an adversary concerning what firmware you were running and in order to use the device new firmware must be loaded.
Configurable Keyboard Layouts
In the last release we included firmware that supported different international keyboard layouts. We now support changing your keyboard layout on the fly through the Chrome app no firmware reload required. Traveling to France from the US? No problem just set the OnlyKey keyboard to French and change it back to US when you return.
U2F Improvements
Thanks to Yohanes Nugroho!
The ECC signing was intermittently working which made registering and authenticating with websites to also only work intermittently. This release addresses the signing issue.
One suggested improvement was to use ECC Deterministic Signing, this has now been implemented see https://tools.ietf.org/html/rfc6979 for more details.
When registering and authenticating the device now blinks (fade in and fade out).
Experimental SSH Login Support
Thanks to Thomas Sileo!
You can now access the OnlyKey via command line using the python tool created by Thomas - https://github.com/trustcrypto/python-onlykey
The command line tool can be used to perform basic communication like get the labels or set values in a slot.
This tool can also be used to write an SSH private key to the OnlyKey
To test this out follow the Installation and Quick start instructions and then run “python ssh_auth.py”
You can now use the OnlyKey to login via SSH. Your SSH key is stored securely on the OnlyKey and used to login via the OnlyKey agent - https://github.com/trustcrypto/onlykey-agent
Regular PIN / PD PIN Separate Lockout Feature
A separate failed login counter has been added for both the Regular PIN and the PD PIN to prevent a scenario where a malicious person has your PD PIN and also has unrestricted physical access to your OnlyKey and they are trying to guess your regular PIN. Without this feature the malicious person may be able to enter 9 incorrect PINs and as the last PIN enter the PD PIN then restart the device effectively giving the malicious user 9 additional attempts to guess the PIN. To mitigate this attack vector there will be a failed login counter that will count how many failed PINs have been entered since the last successful PIN entry and a failed login counter that will count how many failed PINs have been entered since the last successful regular PIN entry. The current setting of 10 failed login attempts and then a factory default occurs will remain the same. Additionally, now if 20 failed login attempts occur since the last successful regular PIN entry has occurred the regular PIN hash will be overwritten effectively disabling the regular account permanently. This allows the plausible deniability feature to remain fully functional, ensuring that an adversary with both physical access and access to the PD PIN will be unable to determine whether the device is using the international firmware or the US firmware and will be limited to 20 attempts to guess the regular PIN. Also keep in mind that for the 20 attempts to guess regular PIN there is an equal chance that the self destruct PIN will be guessed adding additional risk to guessing passwords.
Q - What does this mean for users who use the PD Feature?
A - Make sure to regularly log into the OnlyKey using the regular PIN. Or if you are only using the PD mode of the OnlyKey for some reason (There is no use case I am aware of to do this) keep in mind that 20 failed PIN entries without a successful regular PIN entry will disable your regular profile, essentially turning your device into a device operating with the international firmware.
Q - What are the chances of a malicious person who has my PD PIN being able to guess my regular PIN?
A - It depends the length of your PIN. For a 7 digit PIN there are 279,936 possible combinations so given there are 20 attempts there would be a 1 in 13997 chance of guessing a PIN. For a 10 digit PIN there are 60,466,176 possible combinations so given you have 20 attempts there would be a 1 in 3,023,309 chance of guessing a PIN. Also consider there is an equal chance of guessing the self-destruct PIN. Compare this to 4 digit PINs used at ATMs where there are 10,000 possible combinations and three attempts are allowed there is a 1 in 3333 chance of guessing a PIN.
Google Authenticator (TOTP) Improvements
In the prior release the time can get out of sync causing the OTPs generated to be wrong. In this release the time is accurate within 2 seconds.
Time-based One time password (TOTP) protocol requires accurate time in order to function. Basically how this works is a secret value that only the client and the server know is hashed
with a current timestamp. The result is a OTP that the server can verify came from the client and that is only valid for a short period of time so that if an attacker intercepts the OTP they would have a very small window of time to use the code before it expires. In this way TOTP is better than HOTP for a full description of the two methods see this - https://www.youtube.com/watch?v=KnTd2t4LWIE
PIN reentry after idle timeout lock fix
The device locks after 30 minutes of inactivity and then the next PIN entry fails even if it is the correct PIN. The issue has been addressed in this release.
OnlyKey Firmware Version now shows up in App
The firmware version now display in the bottom right corner of the app.
SHA 256 checksums
OnlyKey_Beta_IN.cpp.hex - 4facf9942e1d968a7d358d8b7a319deb9590aa27d97cf7c7c8e6092babdf35f0
OnlyKey_Beta_US.cpp.hex -
5147fc9e22f60a50f2fb12bde5b1e0d13cbfeedcebb26e41a809d7317c5e784b
OnlyKey Firmware Beta 2
This release addresses issues and introduces two new features:
Issue - Accidentally pressing a button when inserting OnlyKey into USB which requires entering PIN twice.
Resolution - OnlyKey now has the LED fade in and out for ~2 seconds when you first insert into USB which looks pretty cool and also lets you know that it is starting up. During this time button presses are ignored.
Issue - Macbook issue. Affected a small number of devices where when the OnlyKey is used with a Macbook the OnlyKey MK20 overheats and the device becomes inoperable.
Resolution - Lowered MK20 clock speed effectively decreasing the operating temperature of the OnlyKey.
Feature - Lock the OnlyKey automatically after a period of inactivity. The OnlyKey will lock requiring PIN re-entry after 30 minutes of inactivity. This lockout time value will be configurable in future release through the Chrome App (i.e. You can set the value to an hour, or disable this lockout).
Feature - Several versions of Firmware are available for different non-US keyboard layouts. This includes:
French (AZERTY)
GERMAN
UK
US_INTERNATIONAL
The keyboard layout will be configurable in a future release through the Chrome App (I.e. select keyboard layout from a drop down list).
SHA256 Hashes of firmware has been provided in the Quick Start Guide for download validation - www.crp.to/okstart
OnlyKey Firmware Beta
This is the Beta release of the OnlyKey Firmware.
OnlyKey Firmware Alpha
v0.1-alpha.0 added hex files alpha release