The original YubiKey (now called YubiKey Standard), was an innovative token for two-factor authentication.

YubiKey Standard#

YubiKey has a USB interface and presents itself as a USB keyboard when pulgged in, and thus does not require any special drivers to use.

YubiKey has a single capacitive button that outputs an OTP when pressed. Because the device functions as keyboard, the OTP can be automatically entered in any text field of a desktop or Web application, or even terminal window, requiring very little modification to exiting applications. The OTP is generated using a 128-bit key stored inside the device, either using YubiKey's OTP algorithm, or the HOTP algorithm.

YubiKey Neo#

The YubiKey Neo retains the form factor of the original YubiKey, but adds an important new component: a Secure Element (SE), accessible both via USB and over NFC.

The Secure Element offers a JavaCard 3.0/JCOP 2.4.2-compatible execution environment, an ISO14443A NFC interface, MIFARE Classic emulation and an NDEF applet for interaction with YubiKey functionality.

When plugged into a USB port, depending on its configuration, the YubiKey Neo presents itself either as a keyboard (HID device), a standard CCID smart card reader, or both when in composite mode. As the Secure Element is fully compatible with JavaCard and GlobalPlatform standards, additional applets can be loaded with standard tools.

Recent batches ship with pre-installed Initiative for Open Authentication, PGP and PIV applets, and the code for both the Initiative for Open Authentication and PGP applets is available. YubiKey provides a Google Authenticator compatible Android application, YubiKey Authenticator that allows you to store the keys used to generate OTPs on the Neo. This ensures that neither attackers who have physical access to your Android device, nor applications with root access can extract your OTP keys.

More Information#

There might be more information for this subject on one of the following: ...nobody