YubiKey 4 Cryptographic Module
The firmware versions have a security flaw.
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Physical Security: Level 3
- EMI/EMC: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
The Yubikey 4 cryptographic module is a secure element that supports multiple protocols designed to be embedded in USB security tokens. The module can generate, store, and perform cryptographic operations for sensitive data and can be utilized via an external touch-button for Test of User Presence in addition to PIN for smart card authentication.The module implements five major functions - Yubico One Time Password (OTP), FIDO Universal 2nd Factor (U2F), PIV-compatible smart card, OpenPGP smart card and OATH OTP authentication.
EC Diffie-Hellman (key agreement; key establishment methodology provides 128 or 192 bits of encryption strength); NDRNG
4.4.2, 4.4.4 and 4.4.5