Developed by the Swedish company Yubico, YubiKey is a security device that supports authentication methods such as FIDO2, FIDO U2F, PIV(smart card), OpenPGP, Yubico OTP, OATH-TOTP, OATH-HOTP, and Challenge-Response. However, it may be difficult for new users to visualize specific usage scenarios of the device, especially regarding FIDO2 or PIV.
So, as part of the SoftGiken AdventCalendar 2018, this article will introduce the various types of YubiKeys available and their functions and services.
Table of Contents for this Series
・Types of YubiKeys (this article) ・YubiKey 5 Features ・Tools for Developers
Types of YubiKey
As of December 1, 2018, the following three types of keys are available in Japan.
・YubiKey 4 Series
・YubiKey Neo
・Security Key by Yubico
Soon, the YubiKey 5 series will be made available, while the YubiKey 4 series will be discontinued. However, the FIPS version based on the YubiKey 4 will continue to be sold.
The YubiKey 5 series is fully compatible with the YubiKey 4 series and will support all protocols available in YubiKey 4 and FIDO2 features equivalent to Security Key by Yubico.
Therefore, YubiKey 5 series and Security Key by Yubico will be the basic lineup.
YubiKey 5 Series
Security Key by Yubico
※Please inquire separately for FIPS-compliant keys.
Differences between Security Key by Yubico and YubiKey 5 Series
The Security Key by Yubico only supports FIDO protocol, limiting its use to FIDO U2F and FIDO2(Web Authn). Thus, it can only be used as a second step authentication for services such as Google, Facebook, Dropbox, GitHub, Gitlab, etc. In contrast, SSO services such as CloudGate UNO are also supported for enterprise users.
On the other hand, YubiKey 5 series supports PIV(smart card), OpenPGP, Yubico OTP, OATH-TOTP, OATH-HOTP, Challenge-Response, etc. in addition to Security Key by Yubico, allowing it to be easily integrated into local Active Directory authentication, VPN, or existing OTP authentication.
Softgiken’s YubiOn for Windows also authenticates using the YubiKey 5 series features, which will be explained in detail in part 3.
USB Shape
The YubiKey 5 series models differ from each other in terms of the USB shape as well as the availability of NFC.
The YubiKey 5 with NFC and USB Type-A can use both USB and NFC for authentication.
In the other models, most of the features are common; the only changes are the differences in the form factor or shape and the exception of the NFC function.
YubiKey 5 Nano Fits Perfectly in the USB Port
Type-C YubiKey 5C
Smallest YubiKey - 5C Nano
Thus, users can choose the device they require based on their needs.
Conclusion
This was a brief introduction to the YubiKey series 5. For more information, please contact us.