Substitute to yubikey or key

51 views
Skip to first unread message

Niraj Sorathiya

unread,
Jun 2, 2021, 5:28:07 AM6/2/21
to FIDO Dev (fido-dev)
Hello Team,

Is there any authenticator which can be used as substitute to yubikey or key ? 
I have came across authenticator like chrome extension, etc but would like to know if I missed anyone.

Any trusted or recommended android or iOS application that can be used as key in production systems?

Earlier , I received following suggestions from Yuriy


Regards,
Niraj

Arshad Noor

unread,
Jun 2, 2021, 7:43:54 AM6/2/21
to fido...@fidoalliance.org, Niraj Sorathiya
Hi Niraj,

What you're asking for are 2 different things:

- A "Yubikey" is an external, hardware-based "Security Key" that will
work over USB, NFC and/or BLE transports, and can be used on any
platform: Android, Linux, OS-X, Windows, etc.;

- An Android or iOS "application" is a software-based app/library that
uses the mobile device itself to create resident FIDO keys. These keys,
by definition, stay within the device in which they were generated and
cannot be used on other platforms - unless the implementation works over
BLE with a browser on another platform (as in an Android phone that
might work with a browser on a Windows laptop if the phone and laptop
were paired. While there are demonstrations of this capability, I have
not heard/seen of this in production use so far).

If you're looking for a way to generate "production-quality" FIDO2 keys
on Android devices, we published a preview release of the StrongKey
Android Client Library (SACL) supporting Android 9 (or greater) using
the Trusted Execution Environment (TEE) or an embedded Secure Element
(SE) for FIDO2 key-management with biometrics-based user verification.
It also supports Transaction Confirmation when used in conjunction with
StrongKey's FIDO Certified FIDO2 Server.

You can find the library and a sample app using SACL at the following URLs:

https://sourceforge.net/projects/strongkeyfido/files/v4.4/sampleapps/sacl/
https://github.com/StrongKey/fido2/tree/master/sampleapps/java/sacl

A brief introduction to SACL is in this YT video at the 5:00 minute
mark: https://www.youtube.com/watch?v=tp5i9_e7xEY

If you're wondering about a library for iOS, we are looking for iOS
developers: https://www.strongkey.com/careers/mobile-app-developer-ios.
If you know anyone, send them our way.

Hope that helps.

Arshad Noor
StrongKey
> <https://github.com/herrjemand/awesome-webauthn#software-authenticators>
>
> Regards,
> Niraj
>
> --
> You received this message because you are subscribed to the Google
> Groups "FIDO Dev (fido-dev)" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to fido-dev+u...@fidoalliance.org
> <mailto:fido-dev+u...@fidoalliance.org>.
> To view this discussion on the web visit
> https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/CAFT0Dp2tK-ZnSt_N6gJq9EmvkqKjCL2kHdpVW68s_gO5Fne-rw%40mail.gmail.com
> <https://groups.google.com/a/fidoalliance.org/d/msgid/fido-dev/CAFT0Dp2tK-ZnSt_N6gJq9EmvkqKjCL2kHdpVW68s_gO5Fne-rw%40mail.gmail.com?utm_medium=email&utm_source=footer>.
Reply all
Reply to author
Forward
0 new messages