GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → ctz → u2f-secret-storage

ctz / u2f-secret-storage

Licence: other
Abusing U2F to 'store' a stable secret

Programming Languages

python
139335 projects - #7 most used programming language

Key 'storage' by abusing U2F devices

This is a proof of concept for abusing U2F devices and the cryptography they use to derive a stable secret.

If you're brave or reckless, you could use this technique to derive keys to encrypt your disk, or password database, or SSH keys.

See https://jbp.io/2015/11/23/abusing-u2f-to-store-keys/ for the background.

Usage

You need python-u2flib-host first: https://github.com/Yubico/python-u2flib-host

Then run python u2fkey.py enroll to set things up. This will print the key value and store state to data.json in the working directory.

Next, run python u2fkey.py auth to get the key value back.

License

CC0

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].