Yubisec

Yubikey Neo One Time Pad

This project has been submitted to the YubiKing 2015 Hackathon by Yubico ( https://www.yubico.com/yubiking/ )

Yubisec is an implementation of a One Time Pad ( https://en.wikipedia.org/wiki/One-time_pad ) for secure communication between two Android phones using keys stored and generated on YubiKey Neo tokens.

According to Wikipedia, "OTP is an encryption technique that cannot be cracked if used correctly. One-time pads are information-theoretically secure in that the encrypted message (i.e., the ciphertext) provides no information about the original message to a cryptanalyst. Given perfect secrecy, in contrast to conventional symmetric encryption, OTP is immune even to brute-force attacks. Trying all keys simply yields all plaintexts, all equally likely to be the actual plaintext. Even with known plaintext, like part of the message being known, brute-force attacks cannot be used, since an attacker is unable to gain any information about the parts of the key needed to decrypt the rest of the message."

Due to the above, OTP also has a very interesting property called Plausible Deniability - see http://nullprogram.com/blog/2008/07/11/ . It essentially means that you can replace your real key with a key computed from a decoy text and claim that was the original key. An attempt to decrypt the original cryptotexts with your decoy key will result in the decoy text (so you can claim you were sending love letters to your wife when in fact you were planning an uprising).

Yubisec consists of 3 separate apps:

1. The Yubisec project is a JavaCard applet meant to be run on the Yubikey Neo itself. It acts as a random key generator (using the on-board True Hardware Random Number Generator) as well as storage for the keys.
2. The YubisecAdmin project is a Java 7 desktop application (command line) that handles the provisioning of the two YubiKeys. It creates a random key by XORing together 3 sources of randomness - 2 generated by the keys and 1 generated on the local computer. The result is stored in both YubiKeys for communication.
3. The YubisecAndroid project is an Android application that uses NFC to talk to the YubiKey Neo and encrypt/decrypt text using the OneTimePad. It also makes sure keys are not reused and allows the user to enter a decoy text for each message. Further attempts to decrypt the same text (after setting the decoy) will result in the decoy text, not the original plaintext.

Messages are limited to 119 bytes - they are encrypted as a 120 byte array (119 bytes data + 1 byte length) and then BASE64-encoded as an 160-character ASCII message (the maximum length of an SMS)

By design, the Yubikeys themselves store no state information, so if they are stolen (or the user is forced to give them up), the attacker cannot determine how often they were used (if they were used at all) or if any of the keys have been replaced with decoys.