Yubico, Inc. FIPS 140-2 Non-Proprietary Security Policy Document Version: 1.5 YubiKey 5 Cryptographic Module FIPS 140-2 Security Policy v1.5 2 Table Of Contents 1. Introduction ............................................................................................................................ 4 1.1 Purpose.......................................................................................................................4 1.2 Document Organization..............................................................................................4 1.3 Notices........................................................................................................................4 2. YubiKey 5 Cryptographic Module ........................................................................................... 5 2.1 Cryptographic Module Specification ...........................................................................5 2.1.1 Cryptographic Boundary......................................................................................... 6 2.1.2 Modes Of Operation ............................................................................................... 6 2.2 Cryptographic Module Ports and Interfaces.............................................................. 11 2.3 Roles, Services, and Authentication..........................................................................12 2.3.1 Authorized Roles................................................................................................... 12 2.3.2 Authentication Mechanisms................................................................................. 13 2.3.3 Services ................................................................................................................. 13 2.4 Physical Security .......................................................................................................22 2.5 Operational Environment..........................................................................................22 2.6 Cryptographic Key Management ..............................................................................23 2.6.1 Key Generation ..................................................................................................... 28 2.6.2 Key Entry/Output.................................................................................................. 28 2.6.3 Zeroization Procedures......................................................................................... 28 2.7 Electromagnetic Interference / Electromagnetic Compatibility (EMI/EMC) ..............28 2.8 Self-Tests ..................................................................................................................29 2.8.1 Power-On Self-Tests.............................................................................................. 29 2.8.2 Conditional Self-Tests ........................................................................................... 29 2.8.3 Self-Tests Error Handling ...................................................................................... 29 2.9 Mitigation Of Other Attacks......................................................................................30 FIPS 140-2 Security Policy v1.5 3 3. Secure Operation.................................................................................................................. 30 3.1 Installation ................................................................................................................30 3.2 Initialization ..............................................................................................................30 Appendix A: Acronyms.................................................................................................................. 32 FIPS 140-2 Security Policy v1.5 4 1. Introduction This is a non-proprietary FIPS 140-2 Security Policy for the Yubico, Inc. YubiKey 5 Cryptographic Module. Below are the details of the product certified: Hardware Version #: SLE78CLUFX3000PH, SLE78CLUFX5000PH Firmware Version #: 5.4.2 and 5.4.3 FIPS 140-2 Security Level: 1 1.1 Purpose This document was prepared as Federal Information Processing Standard (FIPS) 140-2 validation process. The document describes how the YubiKey 5 Cryptographic Module meets the security requirements of FIPS 140-2. It also provides instructions to individuals and organizations on how to deploy the product in a secure FIPS-approved mode of operation. Target audience of this document is anyone who wishes to use or integrate this product into a solution that is meant to comply with FIPS 140-2 requirements. 1.2 Document Organization The Security Policy document is one document in a FIPS 140-2 Submission Package. In addition to this document, the Submission Package contains: ▪ Vendor Evidence document ▪ Finite State Machine ▪ Other supporting documentation as additional references With the exception of this Non-Proprietary Security Policy, the FIPS 140-2 Submission Package is proprietary to Yubico, Inc. and is releasable only under appropriate non-disclosure agreements. 1.3 Notices This document may be freely reproduced and distributed in its entirety without modification. FIPS 140-2 Security Policy v1.5 5 2. YubiKey 5 Cryptographic Module The YubiKey 5 Cryptographic Module (the module) is a single-chip module validated at FIPS 140-2 Security Level 1. Specifically, the module meets the following security levels for individual sections in FIPS 140-2 standard: Table 1 - Security Level For Each FIPS 140-2 Section # Section Title Security Level 1 Cryptographic Module Specification 1 2 Cryptographic Module Ports and Interfaces 1 3 Roles, Services, and Authentication 1 4 Finite State Model 1 5 Physical Security 3 6 Operational Environment N/A 7 Cryptographic Key Management 1 8 EMI/EMC 3 9 Self-Tests 1 10 Design Assurances 3 11 Mitigation Of Other Attacks N/A 2.1 Cryptographic Module Specification The module is the core component for authenticators in the YubiKey 5 product family and supports several functional units: FIDO/FIDO2, FIDO/U2F, PIV, OTP, OpenPGP, OATH, and YubiCrypt. FIPS 140-2 Security Policy v1.5 6 Figure 1 – YubiKey 5 Cryptographic Module (SLE78CLUFX3000PH – Front and Back) Figure 2 – YubiKey 5 Cryptographic Module (SLE78CLUFX5000PH – Front and Back) 2.1.1 Cryptographic Boundary The cryptographic boundary is defined as the entire single-chip device itself. Please see Figures 1 and 2 above for a depiction of the module. 2.1.2 Modes Of Operation The module supports an Approved mode of operation and a non-Approved mode of operation. The modes of operation are described below: - Approved: Only Approved algorithms may be employed per the procedural controls set forth by this Security Policy. - Non-Approved: Additional support for non-Approved algorithms and services, such as EdDSA, x25519, and non-Approved key sizes. FIPS 140-2 Security Policy v1.5 7 Please see Section 3 of this Security Policy for instructions on how to configure the various modes of operation. There are algorithms, modes, and keys that have been CAVs tested but not used by the module. Only the algorithms, modes/methods, and key lengths/curves/moduli shown in this table are used by the module. Table 2 - Supported Approved Algorithms Cryptographic Algorithm CAVP Cert. # Usage AES Modes: CBC, CCM, CMAC, ECB Key Sizes: 128, 192, 256 (CCM with 128 and 192-bit keys tested, but not used) C1680 Encryption, Decryption, CTR_DRBG, Key Wrap CKG (Vendor affirmed per SP800-133 and IG D.12) Key Generation CVL – ECC CDH (Tested, but not used) Curves: P-224, P-256, P-384, P-521 C1680 Modular exponentiation CVL - ECDSA Signature Generation Primitive Curves: P-256, P-384, P-521 (P-224 tested, but not used) C1680 Signature Primitive CVL – RSADP Key sizes: 2048 C1680 RSA PKCS#1 v2.1 Decryption Primitive CVL – RSASP C1680 Signature Primitive DRBG: AES-256 CTR, No DF C1680 Key Generation ECDSA Curves: P-256, P-384, P-521 (P-224 tested, but not used) C1680 Key Generation FIPS 140-2 Security Policy v1.5 8 Cryptographic Algorithm CAVP Cert. # Usage Operations: Key Gen HMAC SHA-1, SHA2-256, SHA2-384, SHA2-512 C1680 Data Integrity KAS-SSC Co-Factor One-Pass DH, C(1e, 1s, ECC CDH) Scheme Curves: P-256, P-384, P-521, secp256k1, brainpool256r1, brainpool384r1, brainpool512r1 Vendor Affirmed SP800-56a-rev3 Shared Secret Calculation. Provides between 128 and 256 bits of security strength Non-NIST curves allowed by IG D.8, Scenario X.2 KBKDF: SP800-108 CMAC MAC Mode: CMAC-AES128 Supported Lengths: 64, 128 C1680 Secure Channel key derivation. KDA Two-Step Key Derivation: HKDF Vendor Affirmed SP800-56C-rev2 Key Derivation Algorithm. KTS: AES and CMAC C1680 SP800-38F compliant key wrap using AES-128 CBC and CMAC. Provides 128-bits of security strength. KTS: AES CCM C1680 SP800-38F compliant key wrap using AES-256 CCM. Provides 256-bits of security strength. KTS: AES and HMAC C1680 SP800-38F compliant key wrap using AES-256 CBC and HMAC SHA-256. Provides 256- bits of security strength. RSA Key Sizes: 2048, 3072, 4096 A985 Key Generation FIPS 140-2 Security Policy v1.5 9 Cryptographic Algorithm CAVP Cert. # Usage Operations: Key Gen SHA-1, SHA2-256, SHA2-384, SHA2- 512 C1680 Hash Triple-DES Mode: ECB, Keying Option 1 C1680 Encryption Must not encrypt with the same 3-key Triple DES mutual challenge response key more than 2^16 times (refer to IG A.13). Table 3 - Supported Allowed Cryptographic Algorithm CAVP Cert. # Usage DES N/A No security claim per IG 1.23. Used internal to the module for integrity checks (CRCs). EC Diffie-Hellman Curves: P256 N/A IG 1.23, no security claim. The module does not rely on this usage of ECDH to satisfy any FIPS 140-2 requirements; this usage of ECDH provides interoperability only. EC Diffie-Hellman Curves: secp256k1, brainpool256r1, brainpool384r1, brainpool512r1 N/A IG A.2, D.8 Scenario X.2 secp256k1 and brainpool256r1 provide 128 bits of security strength brainpool384r1 provides 192 bits of security strength brainpool512r1 provides 256 bits of security strength FIPS 140-2 Security Policy v1.5 10 Cryptographic Algorithm CAVP Cert. # Usage ECDSA Curves: secp256k1, brainpool256r1, brainpool384r1, brainpool512r1 N/A IG A.2. Key Generation, Signature Generation Primitive secp256k1 and brainpool256r1 provide 128 bits of security strength brainpool384r1 provides 192 bits of security strength brainpool512r1 provides 256 bits of security strength NDRNG N/A Hardware Non-Deterministic RNG; minimum of 16 bits per access. The NDRNG output is used to seed the FIPS Approved DRBG. The DRBG is initialized with a 384-bit entropy input string, which contains at least 301.8 bits of entropy. The module generates cryptographic keys whose strengths are modified by available entropy RSA (Key Unwrapping) N/A Non-SP800-56b RSA decryption primitive. RSA (CVL Cert. #C1680, key unwrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength) RSA (Key Unwrapping) N/A Non-SP800-56b RSA decryption primitive. RSA (key unwrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength) FIPS 140-2 Security Policy v1.5 11 Table 4 – Non-Approved algorithms used in non-Approved mode only Cryptographic Algorithm Usage RSA Signature Generation with 1024- bit keys Signature Generation Component EdDSA Key Generation, Signature Generation Primitive X25519 Key Generation, Key Agreement 2.2 Cryptographic Module Ports and Interfaces The physical ports of the module are the available pins of the single-chip device. The pins are utilized as follows: Table 5 - Module Interface Mapping Port/Pin Description Logical Interface USB pins (D+ / D-) (Qty. 2) Primary physical interface (USB) • Control in • Data in • Data out • Status out Touch Button interface (Qty. 2) Factory reset • Control in LED interface (Qty. 1) Status LED • Status Out Power interface (Qty. 3) Power supply (+5V, GND and supply voltage decoupling) • Power In FIPS 140-2 Security Policy v1.5 12 Port/Pin Description Logical Interface NFC Interface (Qty. 2) Contactless interface • Control in • Data in • Data out • Status out I2C I/O pins (SDA / SCL) (Qty. 2) (Only available on the SLE78CLUFX5000PH) Secondary physical interface (I2C) • Control in • Status out Interface Select Pin (Qty. 1) (Only available on the SLE78CLUFX5000PH) Select USB or I2C (Power-up only) • Control in 2.3 Roles, Services, and Authentication The following sections provide details about roles supported by the module and the services the roles are authorized to access. 2.3.1 Authorized Roles The module supports a Cryptographic Officer (CO) and a User. The CO is responsible for configuring CSPs and managing Users. The User performs cryptographic operations and utilizes the module as an authenticator. FIPS 140-2 Security Policy v1.5 13 2.3.2 Authentication Mechanisms No authentication claims are asserted. Roles are assumed implicitly based on services executed. If authentication support is desired, please see the YubiKey 5 Level 2 Security Policy. Table 6 - Authentication Mechanism Details Role Type Of Authentication Authentication Strength CO or User N/A N/A 2.3.3 Services The module supports seven functional units: OTP, PIV, OATH, OpenPGP, FIDO/FIDO2, FIDO/U2F, and YubiCrypt. The following table describes all services available: Table 7 - Services Service Description Role CSP Access CO User General Services DEVICE CONFIGURATION Select a functional unit and retrieve non-security relevant device information X N/A SELF-TESTS Perform all Power-On Self-Tests on demand X N/A OTP Services WRITE CONFIG TO SLOT Write configuration and CSP in slot Zeroization X WZ – OTP Key FIPS 140-2 Security Policy v1.5 14 Service Description Role CSP Access CO User UPDATE SLOT CONFIGURATION Update configuration (excluding key material CSP) in slot X N/A EMIT YUBI-OTP FROM SLOT Emit YubiOTP from slot X WX – DRBG State X – OTP Key EMIT OATH-HOTP FROM SLOT Emit OATH-HOTP from slot X X – OTP Key EMIT HASH-OTP FROM SLOT Emit HASH-OTP from slot X X – OTP Key PERFORM YUBI- OTP CHALLENGE RESPONSE FROM SLOT Perform YubiOTP challenge response with AES 128 bit key stored in slot using user supplied challenge X WX – DRBG State X – OTP Key PERFORM HMAC- SHA1 CHALLENGE RESPONSE FROM SLOT Compute SHA1 HMAC using 160 bits key stored in slot using user supplied challenge X X – OTP Key SLOT DEVICE SERIAL Read serial from device X N/A SLOT YK GET DEVICE INFO Read device capabilities. X N/A SLOT YK SET DEVICE INFO Set device capabilities. X N/A WRITE NDEF TO SLOT Write the NDEF URL and choose slot X N/A PIV Services SELECT APPLET Select PIV applet X N/A GET SERIAL Get serial number X N/A FIPS 140-2 Security Policy v1.5 15 Service Description Role CSP Access CO User GET METADATA Get metadata X N/A GET VERSION Get firmware version X N/A VERIFY PIN Verify user PIN X N/A CHANGE MANAGEMENT KEY Change management key X WX – Management Auth Key CHANGE PUK Change PIN unlock code X N/A CHANGE PIN Change user PIN with known PIN X N/A UNBLOCK PIN (RESET RETRY COUNTER) Reset retry counter and set new user PIN using known unlock code X N/A GENERAL AUTH Authenticate to the applet using the Management Auth Key. This service can also perform a requested cryptographic operation with an Asymmetric Key X WX – DRBG State X – Management Auth Key X – Asymmetric Key GENERATE KEY Generate asymmetric key pair X WX – DRBG State W – Asymmetric Key READ DATA FROM UNPROTECTED CONTAINERS Read user data X N/A READ DATA FROM PROTECTED CONTAINERS Read protected user data X N/A FIPS 140-2 Security Policy v1.5 16 Service Description Role CSP Access CO User WRITE DATA TO CONTAINERS Write any container X N/A CHANGE RETRY COUNTERS Set retry counter for PINs X N/A IMPORT KEY Import asymmetric key X W – Asymmetric Key W – Attestation Key RESET Reset PIV card state and delete all stored information Zeroization X Z – All, but Attestation Key ATTEST Generate an attestation for an internally generated key X X – Attestation Key OpenPGP Services SELECT APPLET Select applet X N/A VERIFY PW1 Verify using user PIN X N/A VERIFY PW3 Verify using admin PIN X N/A CHANGE PW1 Update user PIN X N/A CHANGE PW3 Update admin PIN X N/A UPDATE RESET- CODE Set or update resetting code X N/A UNBLOCK PW1 Reset user PW1 using resetting code or PW3 X N/A SET PIN RETRIES Set retry limit for PW1, PW3 and reset- code X N/A FIPS 140-2 Security Policy v1.5 17 Service Description Role CSP Access CO User GENERATE ASYMMETRIC KEY PAIR Generate asymmetric key pair X WX – DRBG State W – Asymmetric Key IMPORT ASYMMETRIC KEY Import asymmetric key X W – Asymmetric Key SET KEY ATTRIBUTE Specify/Change a key type (RSA or EC) and length. If a key’s type is changed, it will zeroize the existing key X Z – Asymmetric Key READ PUBLIC KEY Read public key X N/A COMPUTE DIGITAL SIGNATURE PRIMITIVE Perform signature primitive X WX – DRBG State X – Asymmetric Key DECIPHER RSA Unwrap operation or EC-DH shared secret calculation X X – Asymmetric Key INTERNAL AUTHENTICATE Perform internal authentication (signature primitive) X WX – DRBG State X – Asymmetric Key TERMINATE APPLET Terminate OpenPGP applet and delete all stored data X X N/A ACTIVATE APPLET Activate OpenPGP applet with factory defaults Zeroization X Z – All, but Attestation Key FIPS 140-2 Security Policy v1.5 18 Service Description Role CSP Access CO User ATTEST Generate attestation for an internally generated key X X – Attestation Key READ UNPROTECTED DATA OBJECT Read all unprotected data X N/A READ PROTECTED DATA FOR USER Read data objects only available to user X N/A READ PROTECTED DATA FOR ADMIN Read data objects only available to admin X N/A WRITE DATA Write data objects except user writable data objects X N/A WRITE USER PROTECTED DATA Write user writable data objects X N/A GET VERSION Get firmware version X N/A OATH Services SELECT APPLET Select Applet X WX – DRBG State RENAME Update the Name of an OATH credential entry X N/A SET CODE Set or update a Management Auth Key (Only used for Level 2 configuration) X N/A VALIDATE Validate Management Auth Key (Only used for Level 2 configuration) X N/A PUT Add a new OATH entry X W – OATH Seed Key DELETE Remove an OATH entry X Z – OATH Seed Key RESET Delete all OATH credentials and set the applet to the factory defaults X Z – All FIPS 140-2 Security Policy v1.5 19 Service Description Role CSP Access CO User Zeroization LIST List all the names of the OATH entries X N/A CALCULATE Calculate the code for an OATH entry X X – OATH Seed Key CALCULATE ALL Calculate code for all entries X X – OATH Seed Key FIDO/U2F Services REGISTRATION Create a U2F key handle X WX – DRBG State X – Wrapping Key W – Asymmetric Key X – Attestation Key AUTHENTICATION Generate an assertion using a U2F key handle X WX – DRBG State X – Wrapping Key X – Asymmetric Key VERSION Read the U2F version string X N/A RESET Zeroization X WX – DRBG State Z – All, but Attestation Key FIPS 140-2 Security Policy v1.5 20 ECHO Echo data over the U2F protocol X N/A FIDO/FIDO2 Services MAKE CREDENTIAL Create a new FIDO credential (resident or transient) X WX – DRBG State X – Wrapping Key W – Asymmetric Key X – Attestation Key GET ASSERTION Use credential X WX – DRBG State X – Wrapping Key X – Asymmetric Key X – Offline Key RWX – Asymmetric Key RWX – CTAP Session Keys GET INFORMATION Device information X N/A PIN SERVICE Creating, updating, and validating PIN X RWX – Asymmetric Key RWX – CTAP Session Keys RESET Zeroization X Z – All, but Attestation Key CREDENTIAL MANAGEMENT Listing credentials and deleting credentials X Z – Asymmetric Key FIPS 140-2 Security Policy v1.5 21 YubiCrypt Services SELECT Select Application X N/A PUT KEYS Load keys and associated PIN X W – Authentication Keys DELETE KEYS Delete keys X Z – Authentication Keys RESET Zeroization X Z - All LIST Lists the credential names X N/A CALCULATE User Authenticate X X – Authentication Keys W – Session Keys GET RETRY COUNT Specifies the number of Login attempts remaining X N/A GET VERSION Get FW version X N/A CHANGE PIN Update PIN X N/A Secure Channel Services SELECT Select Application X N/A PUT KEY Load Authentication Keys X W - Authentication Keys WX – Sensitive Data Key X – Session Keys DELETE KEY Delete key set X Z – Authentication Keys FIPS 140-2 Security Policy v1.5 22 Z- Sensitive Data Key Z – Session Keys X – Session Keys GET DATA Get metadata X N/A INITIALIZE UPDATE Create Secure Channel Session X X - Authentication Keys W – Session Keys EXTERNAL AUTHENTICATE Complete Session Establishment X X – Session Keys 2.4 Physical Security The module is a single-chip embodiment with a hard, opaque enclosure. The IC packaging is tamper-evident and removal-resistant. 2.5 Operational Environment The module supports a non-modifiable operational environment and does not allow for the loading of firmware updates. FIPS 140-2 Security Policy v1.5 23 2.6 Cryptographic Key Management The module supports the following Critical Security Parameters: Table 8 – Details of Cryptographic Keys and CSPs Key/CSP Type Generation Entry Output Storage Zeroization Usage Entropy Input 384-bits Internally by NDRNG N/A N/A Plaintext in RAM Zeroization Seed the DRBG DRBG Internal State V and Key Internally by DRBG N/A N/A Plaintext in RAM Zeroization Random number generation Authentication Keys AES-128 bit keys (KENC, KMAC) N/A. For Secure Channel, a default set is pre-loaded. Plaintext (direct entry – Yubicrypt only) or Encrypted by Secure Channel N/A Plaintext in Flash Zeroization Used to derive session keys for Secure Channel and YubiCrypt Sensitive Data Key AES-128 CBC (KDEK) N/A, a default is pre-loaded. Plaintext (direct entry) or Encrypted N/A Plaintext in Flash Zeroization Used for Sensitive Data Decryption FIPS 140-2 Security Policy v1.5 24 Key/CSP Type Generation Entry Output Storage Zeroization Usage by Secure Channel Session Keys AES-128 CBC (SENC), AES-128 CMAC (RMAC/SMAC) N/A. Derived from Authentication Keys via SP800- 108 CMAC KDF N/A Plaintext (YubiCrypt only) or Encrypted by Secure Channel Plaintext in RAM Zeroization Secures sessions PINs For the Level 1 configuration, authentication is not supported. PINs are not relied upon to satisfy any FIPS 140-2 requirements and are not treated as CSPs. Minimum 4 byte values N/A. Pre-loaded values or configured by operator. Plaintext (direct entry) or Encrypted by Secure Channel or CTAP Session Keys N/A Plaintext in Flash (SHA- 256 hash for FIDO2) Zeroization Authenticate operators PIN token For the Level 1 configuration, authentication is not supported. The PIN token is not Internally by DRBG N/A Plaintext or Encrypted by CTAP Session Keys Plaintext in RAM Zeroization FIPS 140-2 Security Policy v1.5 25 Key/CSP Type Generation Entry Output Storage Zeroization Usage relied upon to satisfy any FIPS 140-2 requirements and is not treated as CSPs.. HMAC SHA-256 CTAP Session Keys AES-256 CBC and HMAC-SHA-256 N/A. Established via KAS-SSC and KDA N/A N/A Plaintext in RAM Zeroization Used to secure FIDO/FIDO2 services in PIN Protocol 2 Management Auth Keys 3-Key TDES (PIV), AES 128/192/256- bit (PIV) N/A. PIV keys are pre-loaded. Plaintext (direct entry) or Encrypted by Secure Channel N/A Plaintext in Flash Zeroization PIV secrets Offline Key HMAC SHA256 Internally, using the DRBG N/A N/A Plaintext in Flash Zeroization To support the HMAC-Secret FIDO extension OTP Keys AES-128, HMAC- SHA1, or HASH- OTP Secret (byte string) N/A. Pre-loaded values. Hash- OTP Secret can alternatively Plaintext (direct entry) or Encrypted N/A Plaintext in Flash Zeroization Used to generate OTPs FIPS 140-2 Security Policy v1.5 26 Key/CSP Type Generation Entry Output Storage Zeroization Usage be internally generated. by Secure Channel Hash-OTP Secret cannot be imported OATH Seed Key HMAC SHA1/256/512 N/A Plaintext (direct entry) or Encrypted by Secure Channel N/A Plaintext in Flash Zeroization Used to generate HOTPs or TOTPs Asymmetric Keys RSA 2048 - 4096 bits or EC P-256/P-384/P- 521 or Non-NIST curves private keys Internally, using the DRBG Plaintext (direct entry) or Encrypted by Secure Channel or SP800-38F Key Wrap (AES CCM) AES CCM SP800-38F Key Wrap (FIDO ONLY) Plaintext in Flash or RAM Zeroization Signature generation, ECDH, and RSA key unwrap FIPS 140-2 Security Policy v1.5 27 Key/CSP Type Generation Entry Output Storage Zeroization Usage Attestation Key RSA 2048 - 4096 bits or EC P-256/P-384/P- 521 or Non-NIST curves private keys Pre-loaded values. Plaintext (direct entry) or Encrypted by Secure Channel PIV and OpenPGP only N/A Plaintext in Flash N/A. Attest internally generated public keys Wrapping Key AES-256 CCM Internally, using the DRBG N/A N/A Plaintext in Flash Zeroization Used to wrap FIDO keys. Asymmetric Public Keys RSA 2048 - 4096 bits or EC P-256/P-384/P- 521 or Non-NIST curves public keys Internally, using the DRBG N/A Plaintext Plaintext in Flash N/A Used to verify digital signatures (external entities), ECDH, or perform RSA Key Wrap FIPS 140-2 Security Policy v1.5 28 2.6.1 Key Generation The module uses an internal NDRNG to seed the SP800-90A CTR_DRBG for the generation of keys. DRBG is initialized with a 384-bit entropy input string, which contains at least 301.8 bits of entropy. Note that the module generates cryptographic keys whose strengths are modified by available entropy. 2.6.2 Key Entry/Output CSPs may be entered and output in plaintext. Optionally, a Secure Channel (AES-128 CBC and CMAC) may be established within each functional unit to protect communication, inclusive of CSP entry and output. Keys may also be encrypted by the Wrapping Key (AES-256 CCM). Please see Table 8 above for complete details. 2.6.3 Zeroization Procedures Each functional unit is zeroized using separate services that destroy the CSPs within its purview, as follows: - PIV: “RESET” service. All CSPs zeroized with the Management Auth Key and PIN being set to their default values. - OTP: “WRITE CONFIG TO SLOT” service. All CSPs zeroized. - OATH: “RESET” service. All CSPs zeroized. - OpenPGP: “TERMINATE APPLET” followed by “ACTIVATE APPLET” services. All CSPs zeroized with the PINs being set to their default value. - FIDO/FIDO2: “RESET” service. All CSPs zeroized with the Offline Key and Wrapping Key being re-generated. - YubiCrypt: “RESET” service. All CSPs zeroized with the ephemeral keys cleared at power cycle and PINs being set to their default values. - Secure Channel: “DELETE KEY”. All CSPs zeroized with the ephemeral keys cleared at power cycle. Attestation Keys will persist through a zeroization, as they are used to create public key attestations. 2.7 Electromagnetic Interference / Electromagnetic Compatibility (EMI/EMC) The module conforms to 47 CFR FCC Part 15. Subpart B, Class B (Home Use) requirements. FIPS 140-2 Security Policy v1.5 29 2.8 Self-Tests Self-tests are health checks that ensure that the cryptographic algorithms within the module are operating correctly. The self-tests identified in FIPS 140-2 broadly fall within two categories 1. Power-On Self-Tests 2. Conditional Self-Tests 2.8.1 Power-On Self-Tests The module benefits from the allowances set forth by IG 9.11. Upon initial installation, the module performs all required power-on self-tests. Once successfully completed, a POST flag is set and is checked upon each subsequent power-on. For each subsequent power-on, if the POST flag is set, only the firmware integrity test is performed. All other self-tests may be invoked on demand. The module supports the following Power-On Self-Tests: - Firmware Integrity Test (16-bit EDC) - AES-128 CCM Encrypt KAT - AES-128 ECB Decrypt KAT - HMAC (SHA-1, SHA-256, SHA-512) KAT - KDF SP800-108 CMAC KAT - CTR_DRBG KAT - ECDSA Signature Generation Component (P-256) KAT - ECC CDH Primitive “Z” Computation KAT - RSA 2048 Signature Generation Component KAT - RSA 2048 Decryption Primitive KAT Component KAT) - TDES 3-Key Encrypt KAT 2.8.2 Conditional Self-Tests The module supports the following Conditional Self-Tests: - NDRNG Continuous Test - SP800-90A Health Tests - ECDSA Pairwise Consistency Test - RSA Pairwise Consistency Test 2.8.3 Self-Tests Error Handling If any of the Power-On Self-Tests fail, the module enters the error state and will immediately restart. FIPS 140-2 Security Policy v1.5 30 2.9 Mitigation Of Other Attacks The module does not assert mitigation of attacks beyond the scope of FIPS 140-2 requirements. 3. Secure Operation The module supports an Approved mode and a non-Approved mode of operation. 3.1 Installation There are no specific instructions for the installation of the YubiKey 5 Cryptographic Module. The module will come installed within a YubiKey 5 and is ready for use once powered-on and initialized per the instructions in Section 3.2. 3.2 Initialization In order to operate in the Approved mode of operation, the operator must adhere to the following instructions: - Do not use any algorithms specified in Table 4 of this Security Policy - Select the functional units intended for use and perform the following: o OTP: ▪ Establish a secure channel to perform the following services over NFC: • WRITE CONFIG TO SLOT o PIV: ▪ Establish a secure channel to perform the following services over NFC: • IMPORT KEY • CHANGE MANAGEMENT KEY o OpenPGP: ▪ Establish a secure channel to perform the following services over NFC: • IMPORT ASYMMETRIC KEY o OATH: ▪ Establish a secure channel to perform the following services over NFC: • PUT o FIDO U2F: ▪ No additional instructions FIPS 140-2 Security Policy v1.5 31 o FIDO2: ▪ No additional instructions o YubiCrypt: ▪ Establish a secure channel to perform any YubiCrypt services over NFC o Secure Channel: ▪ Update the default key set - If the instructions above are not adhered to or the operator desires to transition to the non-Approved mode, then the module must be zeroized per the instructions in Section 2.6.3. FIPS 140-2 Security Policy v1.5 32 Appendix A: Acronyms This section describes the acronyms used throughout the document. Table 9 - Acronyms Acronym Definition AES Advanced Encryption Algorithm CKG Cryptographic Key Generation CTAP Client to Authenticator Protocol DES Data Encryption Standard DRBG Deterministic Random Bit Generator ECDH Elliptic Curve Diffie-Hellman ECDSA Elliptic Curve Digital Signature Algorithm FIDO Fast Identity Online HMAC Hash-based Message Authentication Code KDA Key Derivation Algorithm KDF Key Derivation Function KTS Key Transport Scheme LRC Longitudinal Redundancy Check NDRNG Non-deterministic Random Number Generator OATH Open Authentication OTP One Time Passcode PIN Personal Identification Number PIV Personal Identification Verification RSA Rivest, Shamir, Adleman SCL Serial Clock Line FIPS 140-2 Security Policy v1.5 33 SDA Serial Data Line SHA Secure Hash Algorithm TDES Triple Data Encryption Standard U2F Universal Second Factor