Menu

Fido Shootout - Too Lazy to Count Edition

I have loved Hardware based security for a Fucking eternity, and so I accumulated quite a few different Devices (for the rest of this article, "key" generally refers to the cryptographic keys to avoid confusion) over the years.
so now I am going to compare them.

  1. The very Simple U2F Stick from Plug-Up
  2. Yubikey 4 Nano (pre-ROCA)
  3. Key-ID U2F stick (old model)
  4. Yubikey 4 Nano (Post ROCA, free)
  5. Feitian NFC Key (K9)
  6. Key-ID U2F stick (New model, free)
  7. Yubikey 5 NFC
  8. Solo Hacker USB-A
  9. Solo Tap Secure USB-C
  10. Solo Secure USB-A
  11. eWBM Goldengate G310 (Free, for now)
  12. Hypersecu HyperFIDO Mini
  13. Krypton (not actually a Device)
  14. Yubico Security Key
  15. Somu Secure
  16. Hypersecu HyperFIDO Pro Mini
  17. Feitian Multipass
  18. GoTrustID Idem Card
  19. Ledger Nano S
  20. Archos Safe-T mini
  21. Keepkey
I am SO not gonna bother updating this pic everytime I get new Devices

As you can see I noted that I got 4 of them for free, and because transparency is a given I'll explain the circumstances of each as we go along.
I also do want to stress that aside from the Goldengate, most of this is based on the experience of my life with the thing and not a specific test, but as I got the Goldengate specifically for this purpose I went out of my way to test some things.

Also I will update this post as more stuff comes along, Also do note that I am not ordering chronologically but by theme so I don't have to get overly redundant.

Also as this Article is getting WAY too fucking long already (and I plan adding more devices over time, every device section gets a nice Spoilerbox, so at least scrolling the Version on the site isnt as painful as scrolling in the editor.

Plug-Up U2F

As alluded in the list already this is a VERY simple device. Unlike almost all other Fido-compatible devices this one lacks a button and instead does user presence checks by pulling it out and plugging it in again where I assume, the Stick only waits a few seconds to actually sign something. Currently I can not really get this thing to work, I am not really sure why, but the device is Recognized by the computer, so it is kinda weird.
I would say this device is a nice way to do your very first steps with U2F and was the cheapest at 5€ back in the day (Jan 2016) but seems not to be sold anymore

Yubikey 4 Nano

Since these two are basically the same I am going to screw the order a bit and do them together. basically the Yubikey is something we in Germany call an "Eierlegende Wollmilchsau", which basically is a (fictional) animal which can provide eggs, wool, milk and meat, basically providing more or less everything one can think of.
Similarly the Yubikey depending on which you got, Provides A LOT of functionality.
The Yubikey 4 to be precise can do the following

  • Various modes for Static and dynamic passwords (2 slots), while acting as a keyboard, including a factory provided Yubico OTP, HOTP, and the noted static password
  • HMAC based challenge-response (uses the same 2 slots as above)
  • Smartcard Features (e.g. Windows Login in Active Directories or using extra tools.)
  • PGP Key functionality
  • U2F

As you can see, a LOT. U2F works pretty well, which makes sense considering they were among the first to implement it. The other features can be fun to use but especially the password modes are a bit sad considering there are only 2 slots (which is understandable though given that they are accessed by short and long tap of the metal area)
Regarding ROCA, there is essentially a bug in the Yubikey in the RSA generation that the Randomness is garbage allowing the private key to be reconstructed RELATIVELY easily (somewhere in the weeks to months range) and more importantly, in milliseconds one can find out whether a key is affected, allowing someone with interest to easily find out which keys to attack. Afer this came to light Yubico made a Replacement program for all affected Devices, including my first Yubikey 4 Nano. Since U2F is using Elliptic keys though, U2F is entirely not affected and the device is still usable for anything that doesnt involve generating RSA keys on the device.

Yubikey 5

This Device is fairly similar to the 4 Nano as it is also a Yubikey, but basically comes with new stuff.

  • NFC (the entire Generation 4 had no NFC)
  • Fido2 (PIN based)
  • Resident Key storage

The Benefits of NFC are kinda obvious, with supported phones one could easily fo 2 Factor without needing any USB adapters or special USB support which isnt always given.
Fido2 allows the Device to do User Verification, aka, not only confirming that some person is present and pushing it, but also that that person is actually authorized to use that device and therefore key, allowing for a full two-factor auth to occur on the Device and no passwords or otherwise sensitive data to be sent over the internet.
Although with how U2F worked previously with generally the device storing a dynamic half of the key on the website and using a master secret as a second half for the key (simiplified) the big "Problem" is that while it can authenticate a user, a user has to be identified first, for example by entering your username.
Resident keys remove the need for that by the key having a storage space for full keys along with a little bit of metadata (like a display name) which allows the Device to not only verify but also identify the user, basically allowing a Usernameless login which only involves clicking a button on the website to start, tapping your Device, entering your PIN and selecting which key to use (if multiple keys exist for any given website) and you are basically in.

This is very fun, but there are a few problems. Not only is storage space limited, but SECURE storage is generally even MORE limited. The Yubikey 5 can only store (according to what they say) 25 Resident Keys, which isn't really a LOT, and to top it all off, the only way to delete your RKs is to RESET THE ENTIRE DEVICE (in case of the Yubikey specifically only the U2F/FIDO2 module needs a reset), which also wipes the master secret for the normal split keys, forcing you to re-register everywhere when you need to get rid of a usernameless login somewhere.

SERIOUSLY, why am I the one who has to tell companies something so FUCKING OBVIOUS?

SOUNDS LIKE FUN! Imagine a CD-RW where the only way to truly alter data was to reburn the entire disc and you basically only could write new data until it was full if you don't want to reset. Add to this that you cannot backup or otherwise keep a copy of the Keys (granted, this is normal and makes sense), but how can someone miss something so PAINFULLY OBVIOUS!?! (granted they fixed it in a later firmware version, but Yubikeys cannot be updated, so well...

Although if you want a device from Yubico but dont need USB-C or any of the Yubikey-specific feature but only U2F/Fido2, I rather recommend looking at the FAR cheaper "Security Key" lineup from Yubico (below), because while the Yubikey 5 NFC isnt cheap, the smaller and USB-C versions are REALLY getting expensive, and that even more so when getting the 5Ci which has a lightning port to work with iPhones and iPads which recently adopted Support for them.

Yubico Security Key

The Yubico Security Series (I often just refer them as Blue Yubis, as they look very similar to Yubikeys with the most obvious difference being that the Security Keys are blue) are basically much more simple Devices Yubico is offering, unlike the Yubikeys which support borderline every type of authentication in existance as long as you can do it over USB or NFC, the Blue Yubis are focused around the Fido protocols, which currently means U2F and Fido2. There are 3 of them existing, the original, the updated model with support for Fido2 (which can be recognized by a 2 being molded into the plastic) and the NFC version which is basically the 2 but with NFC, while it doesnt have the big 2 in the plastic, the touchbutton has some wireless-style waves around the "key" icon to indicate it being NFC, and as the Blue Yubi NFC only exists as a version with Fido2 it is enough to specify the device.

Basically it has the same functionality as the Fido Module of the Yubikey 5, which generally means:

  • Simple U2F support, Tap and go
  • Fido2 support with a PIN as UV
  • 25 Resident Keys (the lowest I have seen so far)

also depending on the firmware, you get extra features:

  • before 5.2.3 you have RSA (nobody really uses that)
  • 5.2.3 onwards you have
    • RK management
    • credential protection (e.g. an RP can say that without UV the device may not even tell the client whether or not a credential is available for use on that speific site.

I specifically got the Blue Yubi NFC for trying out Resident Key management and stuff because it obviously is very awesome to have control over the Resident keys (kinda sad though that I have to declare that as awesome)
The management works generally very well, it needs a PIN to access and generally does what it should, delete keys and so on.

Key-ID U2F Sticks

The old model Key-ID Stick was one of my Favorite U2F sticks and I use it a LOT for dev stuff which apparently led to its downfall, while many Fido Devices have a global counter for better or for worse, this one seems to use separate counters for the different registrations, and while I can use it in some places I still have it registered, it just blocks new registrations entirely, I really liked that this one is small but not too small and has a physical button instead of a touch element, which in case of my Yubi nano seemed quite a bit too sensitive, spawning OTPs left and right...
Due to the fact it no longer registering I got a new model for free to try, which sure is nice but not without its own problems.
It is very small making it easier to lose, or depending where you plug it it, harder to pull out of you don't have a strap attached, also the green light is EXTREMELY bright which while in normal light situations can be annoying, but is really bad when it's dark.
This model does use a global counter though so I don't think it'll easily die like the first.

Hypersecu HyperFIDO Mini

This is the cheapest Hardware device currently available in the entire Lineup.
While it only does U2F, most Sites dont work yet with Fido2 or even Webauthn for that matter, so that wouldn't be an issue. What MIGHT be an issue though is the global, one-step counter (in other words, it always counts up by one, and the same counter is used on all sites) for Privacy reasons. While you generally cannot easily cross-site track a specific device just by its attestation certificate as these are generally assigned not to individual devices, but rather batches of hundreds or even many THOUSANDS of shipped ones of a single model (unless we are talking about custom ones, which are obviously unique). but when observing the counter behavior of Keys with one-step global counters this may lead to a relation over time, although this is generally not very easy.
The Stick is VERY similarly built to the new model Key-ID one (which is why this section is right below this), but has not taken one of the more obvious shortcomings the Key-ID has:

Hypersecu HyperFIDO Pro Mini

the Hyperfido Pro Mini is basically the same as the one without the Pro from the outside but it supports Fido2.
Sadly there is almost no difference between the 2 except for the engraved things like serial number or whatever, but this thing is nothing to sneeze at, because it is with big margin the cheapest Fido2 Stick I got so far for just 11,60€, and even has the second largest RK storage of them all (I counted 128 registrations (seriously, entering the PIN THAT often just is a big pain, so I have been doing it so no one else has to.)
It also has the much less bright light that the normal Mini had in comparison to the Key-ID, which makes it not too bad in my opinion. it certainly does its job nice and seems to be a very good starting point for Fido beginners.

Feitian K9 NFC

Back in the day when I wanted to try U2F on phone you only could use Bluetooth or NFC with the latter being FAR cheaper also needing less care as there isnt any battery needed, and at the time it was the cheaptest NFC key by far (15€ on amazon) It's pretty simple to use with USB you just plug it in and touch when it's blinking to confirm U2F, with NFC, you just slap it on your phone. there isn't really much to say except that I also like the device for being not overly large, but also not too small and just plain working and not having overly bonkers features enabled by default (I read that there is HOTP functionality, but HOTP is borderline never used so cant really try that a lot, and why should I HOTP when I can U2F instead? lol)

Feitian Multipass (K13)

So while originally not cheap, the price has dropped significantly over the years (about 37€), I still won't call this cheap, but it does offer its advantages. the biggest of all is that it combines all 3 relevant interfaces for a portable Fido device (USB, NFC and Bluetooth, making it truly versatile, no matter what device you are interfacing with.

But there's obviously a catch (go figure), it only runs on U2F, meaning for the Future of Passwordless Auth, it sadly is not prepared, but it still makes a very neat second Factor device, I am Happy to have.

But it's slightly awkward form factor makes it hard to find a decent case for it, so accidential activations need to be accounted for (something you should keep in mind when using Bluetooth devices in General)

Solo

The Solo Devices are fairly special for 3 main reasons:

  1. They are completely open Source (both Soft- and Hardware)
  2. "Hacker" Editions, which have a completely open Bootloader for doing whatever you want exist for each model.
  3. They support Updates, meaning you are not forced to buy another Solo if a crazily obvious feature was omitted when you bought your Device, or having to get replacements in case of a vulnerability.

The Solo exists in 4 Base models, which basically falls in the following categories:
USB-A or USB-C
With or without NFC
and of each of those 4 models you can get a Secure or a Hacker variant. basically the secure variant is locked to signed firmware by Solokeys (aka the maker), while the Hacker can be customized however you want, at the cost of not having the real attestation, for obvious reasons.
While I do like the possibility of having hacks I am honestly not really good in programming outside of Web-Stuff (whether that can be considered programming is debatable, I know)
The Solo is very simple to use and while it has a push button that is definitely not weak, the clicky sound is REALLY satisfying, although you really should support the it from below when clicking it to not break your USB port (A version) or plug (C-Version), where you can already see one of the disadvantages of the USB-C Version. while the USB-A version not only has its plug not only as part of the PCB, but also as a result of that, the PCB is REALLY thick, making the USB-A Versions borderline unbreakable, unless you are actively trying to do that (please dont). As the USB-C port does not have the ability to just be a part of the PCB it has to be soldered on, with some newer iterations adding more solder points for stability, but since my U2F lineup generally has it quite rough in my bag, I am not going to take any risks and put my Solo in a case, so there's essentially no way it'll break off that easily.
The Solo supports both U2F and Fido2, same as the Yubikey 5 it uses PIN for verification if asked for it, but as a big step upwards, the solo can store up to 50 Resident keys (not tested), and while they currently dont have any RK management, it is planned, and current customers are not screwed because of the update capability.
Solokeys is also in the process of making a tiny version of the Solo, called the Somu, which basically can be compared with the Yubikey Nano in regards of form factor, otherwise it will be mostly identical to the Solo A, although sadly more expensive, which is understandable though due to being harder to make obviously.
one of the few things that arent perfect on the Solo though is that while it does offer the super awesome feature of colored silicone cases, there isnt any truly transparent place for the light to shine through, so the LED's color gets filtered by the case color making some colors harder to see depending on the case, like when the Solo goes yellow for an authentication, on a blue case it's just green because the Red part gets filtered more strongly than the green, opposite on a red case, where it looks a lot more Red than anything else.

In case you live in the US (otherwise shipping will be expensive) you can buy them using this (afiliate) link (no discount, don't blame me for the URL):
https://solokeys.com/discount/my1

Somu

The Somu basically is a MUCH smaller version of the Solo, basically what a Yubikey nano is to a Yubikey, the Somu is to the Solo.
So it has the same basic features as a Solo USB-A with also a Secure and a Hacker version existing.
Frankly there is not much to say about this what hasn't been said about the normal Solo already.
It mostly exists to permanently stay in a USB port like for example a Laptop or PC. That way you dont have to fiddle around with the big Sticks and can just lightly tap the side of your Laptop or whatever and use that to do your Fido needs.

Also, in case you live in the US (otherwise shipping will be expensive) you can buy them using this (afiliate) link (no discount, don't blame me for the URL):
https://solokeys.com/discount/my1

eWBM Goldengate G310

for starters first things first: as lined out on the top I got my G310 for free (I literally just asked for it lol) for review purposes, and I am honestly sad that as it stands currently, that I will have to send it back in January (although understandable, as it isnt really a cheap device) and now I can keep it, which makes me happy.

The Goldengate Series is as advertised by eWBM, the first Fido2 Device with an L2 certification, which certainly is a nice thing. It also is the first Fido2 Device I own that uses Fingerprints instead of PIN.
The Goldengate Series consists of 4 different Models where 2 are essentially completely equal (G310/G320) except for one having a USB-A and the other having a USB-C port. the other 2 (G450 and G500), according to eWBM, only differ in shape.
the fingerprint reader works mostly well, at least if you actually take care of scanning your complete finger. it doesnt ask for that many scans, and you sadly don't get an option to continue scanning that finger to get a better image, so be a bit careful with enrolling, also after you stored your fingerprint you have no way to rename them or knowing which is which, so be careful to keep track or just delete them if you want to reorganize.
Also, when putting the G310 onto a USB extension cord (I know it's not part of the USB spec but guess what, I don't care) and then try to use the FP reader in basically any rotation imaginable, it works all the time, if you are careful and put your finger nicely onto the reader, so that's very nice.
One thing you might wanna know though is that while the Stick allows for 15 false FPs before locking itself, after every 3 tries it will require a reboot, basically pulling it out and plugging it in again, which is the same other Fido2 keys require for the PIN, and the PIN runs on 8 tries, same as other Fido2 devices, as per spec.
biggest annoyance is that you need the Bio Manager to unlock the FP scanner though.

If you have Windows 10 1903 or later, the Goldengate is essentially seamless to use as W10 1903+ has "Security Key" Management options in the account Settings part of the PC settings. on other OSes you can (or rather have to) use the Goldengate Bio Manager to enroll your Fingerprints, which did work nice on my WIndows 8.1, although the sofware sometimes gets weird errors and basically needs a quick restart of itself or a replug of the stick. One thing I REALLY like though is the fact that you can at least Quickstart without using any software or Fingerprint Setup. in case there are no FIngerprints set, the FP management PIN doubles as Fido2 Auth PIN and vise versa, basically if you want to sign up to a site which forces Verification with a fresh Goldengate, you will be asked to create a PIN which you can use for Login while you have no Prints, and then later use the same PIN to manage your FPs, which is a really nice feature.

One fun thing to note aside though is that they TOTALLY lied in my face (well not actually as it happened in twitter DMs).
They said the stick can store up to 200 Resident Keys (which already is 8 times Yubi or 4 Times solo, but after I went though with my Resident key registration loop script I got 242 before the device started complaining, which definitely is a nice number. although this thing REALLY gets slow with RKs if you have over 100 keys on that specific site you try to use (although let's be real, that's borderline never going to happen unless you purposely try this). but what I didn't like is that yet again, they also have no way to delete RKs without wiping the entire Stick -.-
Sure while this probably wont happen too often with a keyspace that big, when it DOES happen it is so much more devastating.
Well whatever, also while I was told that they plan to add this into their Bio Manager, I frankly am not sure whether their firmware even supports doing something like that, and OF COURSE there are no updates as they consider an update process that is doable by users as insecure (lol signatures are a thing)

BIG Update: eWBM LIED TO ME

(Quick Note: obviously being sarcastic here)
So I based my statement on the fact that the Goldengates don't run RK Management on statements I got from eWBM in the VERY Long Twitter PM thread where I basically had a whole mix of stuff between complimenting them for good stuff, offering my ideas on things that were maybe not ideal and straight ranting about things I REALLY hated, as well as due to the fact that it kinda took a while for a device to arrive, poking a metric fuckton of questions about the thing so I am prepared for when it arrives and can already point out stuff without actually having to have the Device yet. This includes the very obvious question on whether the device has RK Management as pinpoint-grilling is something I consider kinda important (obviously) and they said that "Deleting resident key is not allowed at this time" and also later on, I quote:

no serious key vendors will allow updates
on firmware

eWBM (Twitter PM)

As a big fan of the Solo Lineup I honestly kinda take a bit offiense in that, also not to forget that allowing updates basically is a low-effort way of doing something for the environment as you can fix stuff without having to make new devices and stuff, which takes energy, resources etc.

This very obviously makes it very easy to assume that they have no firmware way of removing RKs and without buying new ones never will have.
But:

Looks like it DOES have Credential management

Now this is just pure awesome. This thing not only has WAY more RK storage than most people will need their whole LIFE, but also has credential management AND an optional FP reader in case they want more usability? even as the most expensive USB-A Fido2 device this thing looks awesome from SO MANY points of view that I am not only thinking about trying to get one permanently to use a primary, but also making it very interesting for people who dont use fingerprints.

another Update: too happy too soon

so after trying out a bit more apparently I was too happy too soon, as it turns out, that on my G310 the Resident Key Feature is kinda borked when working with multiple RPs (I should have tested this earlier, lol) where it (maybe, just theorizing) uses a loop to get through the keys and list them, but forgets to actually raise a counter or move a pointer to the next RP in line as it only shows the keys from the last used RP, but as often as there are RPs with RKs on the Device.

I have my G310 registered on my Personal Sandbox (multiple times), Microsoft and passwordless.dev, so it shows the key(s) I have on passwordless.dev, but 3 times

This obviously makes this a LOT of "fun" and while I honestly have no idea how the deletion is supposed to work with that I think I can do some testing in the future as there may be some workarounds to at least not be completely out of luck with these.


While it is very nice to not have to enter a PIN all the time for login, the device has some kinda interesting properties, like that in U2F mode (aka using the CTAP1 protocol), the Goldengate enforces fingerprints if set (orange LED), or I really love that their LED sends mixed signals, even though they have a multicolor LED which can blink and stay bright. for example a cyan blinking can stay for either fingerprintless CTAP2 Auth (either because there are no FPs yet, or the UV is set to discouraged) or A DEVICE RESET, SOUNDS FUN, I know. Blue Flashes can mean either enrollment or CTAP2 with FP, which sure is less devastating but still.
Although one big thing the LED has over all the others is that it not only is a multicolor LED (aside from this and the Solos are have single color (green) LEDs except the Plug-Up which has none at all, is that the Solo's LED colors are kinda obscured by the colorful cases and the fact the LED is basically in the center of the button. The Goldengate basically has a window for the LED next to the FP reader.

in general aside from some chaos with specific interactions of different clients (sometimes Edge on W10 1903+ won't recognize RKs registered on a different client), which are not really fault of the device, this one is the easiest to use, which really makes it nice.

While this is fun and all one thing I need to know is that the BioManager they have for setting the thing up is currently Windows (7 and up) and Mac, so currently there is no way to do Fingerprint setup on Linux (but you can at least use the PIN for basic use).

Krypton

Now this one is completely different.
This is a completely software-based U2F thing which runs on Android or iOS for Key storage and uses a plugin for Firefox and Safari, as well as Chromium and its derivatives to do the work on the browser.
It basically does a cryptographic pairing to your computer to make sure only computers that are authorized can use the keys stored and to do a pairing it is required (at least on Android) to pass the Security Method (PIN, Pattern FP etc), if set. Due to the Security of the Cryptographic pairing the devs are confident enough to not only allow using the app with notifications with the style of "do you want to sign in to github.com" or whatever, but also in a completely silent mode for any computers you trust enough, where it just silently answers any requests done immediately and you get in, basically your PC effectively acting as your Second Factor. There is basically only one Secure assumption and that is the pairing process. if you add a bad computer, especially with the Silent mode, it gets very messy very quickly.
While it does use the Keystore or Secure Enclave for Android and iOS respectively, it still is mostly software based and may be vulnerable to attacks full Hardware implementations do not have, so I would be very careful on whether or not to use it or what computers to pair it with.
One good thing privacy-wise is that they use seperate counters and with phones generally having more space I don't think (or at least I hope that) the same issue as with my old Key-ID won't happen with this.
One bigger "problem" although it probably is more a workaround than anything else is that the signatures falsify the User Presence flag. Generally speaking, a Device using Webauthn is supposed to return a flag whether the user was Physically present (in Meatspace) or not during Auth, and it SHALL NOT be set if no UP test has been performed, yet it does. Although granted Webauthn does not account for Silent checks, and website may respond weirdly to a properly-tagged silent auth.
Standards aside there are a couple things that can get really annoying. Not only does it also Silently register (and you cannot control silent register and Silent Sign-in seperately) if it doesnt exist already, which makes not only sandbox testing REALLY annoying, but also makes it so you essentially have to register Krypton before any other Fido Device. Also if you don't use Silent mode the Request notifications never go away, which is really annoying. For Silent mode you can choose whether or not to send a notif although I personally recommend using that so you at least know when you have been signed in and can take measures if it wasnt you.

Idem Card

So while I did get this nifty little thing for free, I did NOT get it from the maker but from a friend across the pond, and I WILL not be positively biased just for something like that.

so let's bring the first thing across. 60$ is REALLY not cheap, but this device IS pretty cool when you first look at its base specs.

I mean you not only have NFC and a chip on this card-like device, but also BLUETOOTH, no fucking joke, this thing has an integrated Battery AND can use it to run Bluetooth, and that's not even all. Alledgedly (I don't have this thing long enough to tell) this thing can run 60 days based on 10 logins per day or 120 days standby, ONE HUNDRED FUCKING TWENTY DAYS, that's 4 MONTHS (well almost, lol), but yeah I am not believing this until I see it, but if it can do that that's pretty damn impressive. also nice, if you do not have an NFC reader or Bluetooth at hand, but a contact based smartcard reader, you should be able to use that to run it too (due to the fact the NFC protocol originated from the one used on contact chips, although, not all work. I had success with a very Simple USB reader and one built into a Laptop, but the ReinerSCT cyberJack RFID komfort just did not want to recognize the card via contact chip (NFC does work tho), don't ask me why, that's just how it is), on the other hand the cyberJack RFID basis (a simple NFC reader originally intended for the German ID card which I got as a free extra in a like 5€ computer magazine in 2010, back when Germany was subsidizing these things left, right and center to get people to use the electronic functions of the new ID card) works just like a BEAUTY.

That is until we get to the major, and I mean MAJOR roadblock of this thing at least for me:

Compatibility

sadly FIDO methods that are not based on the HID method USB generally uses, are NOT supported in Browsers themselves, this leads to the fact that you can only use a device like this on a device where you have support on the OS Level. This results in currently the only supported OSes for this device being

  • Windows 10 1903 or later
  • Android
  • iOS

basically any Desktop that runs on an older windows (like me usually running 8.1 if I need Windows) or a wholly different operating System (like Linux or Mac) basically is out of luck with this card.

THIS SUCKS BIG!

adding insult to injury when trying some stuff around with some special Tools I noticed that the card I got doesn't even properly adhere to the FIDO2 spec (some data has to be ordered a certain way and if the application is strict about it, well bad for you), and they told me that that was done INTENTIONALLY in a way to work around something chrome tried on mac with Bluetooth (and iirc threw away again), and they fixed it in later batches, but how could it be different:

This Card CAN NOT be updated

you cannot imagine how hard I wanted to facepalm when I read that they did that intentionally on a device that cannot be updated. (but I decided I'd rather want to live so here I am)

the fact that this card cannot be updated was known to me prior to all of this as I did ask around long ago, but that they would try something THIS stupid is beyond me. honestly that this goes through as "FIDO2 Certified" is even worse. In my opinion, the Fido Alliance should make it that devices MUST offer updates if

  • they deviate from the spec
  • use a spec that is marked as preview

as these more often than not can lead to some serious issues, which just sux (see eWBM section above)

Ledger Nano S

So now for my newest Toy which I probably wouldn't have bought if it weren't for the recent 50% off coupon sale Ledger ran. We have the Ledger Nano S, some people may wonder why I bring a cryptocurrency Wallet in here, while others may have noticed what's going on.

The Ledger is made to be expandable and Expand they DID (and still do). There is a U2F Applet for this device and they are also developing a FIDO2 applet (no ETAs or progress reports tho, so we might still need to wait quite a bit for that.)

but what we DO know is that the ledger will support the txAuthSimple extension of WebAuthn, which is BIG, as there are currently only 2 makers out there that make devices with Screen and FIDO stuff. one is obviously Ledger, the other is Trezor, and while they DO support FIDO2, that is only on the FAR more expensive Model T (180€) and the Trezor One which is similarly prices as a Ledger Nano S, can only do U2F and I doubt that FIDO2 will reach the Trezor One considering that FIDO2 exists already and there is already feature disparity as well, so even when the Model T gets TxAuth in FIDO2, as that's currently not done yet and on low prio, the Ledger will still be MASSIVELY cheaper.

So most people probably won't know what txAuth even means so let me explain.

for example in Online Banking when you have to enter a transaction number (or do some other confirmation step), wouldn't it kinda be nice to know WHAT you are confirming? In Germany there have been sometimes more sometimes less proprietary methods to do so, where you have a device which either stores a key or accepts a card which instead has the key, then you scan some kind of code or just enter the transaction data) and if you scanned a code the device will actually SHOW YOU what the code contains so you can see the transaction you get the TAN for.

and txAuth is similar. basically you can add some text (or an image in case of txAuthGeneric) to your FIDO2 request and the device will actually show that to the user and sign that thing along.

This is very helpful for example could a website throw in some text about the login location or on an action needed to confirm show what is being confirmed and so on. This is the first step of replacing antique and/or proprietary methods with a standard that is open, which is always nice.

Also for obvious reasons this also means that the Ledger Nano S is updateable which is even more awesome, so any issues can be fixed directly without needing to replace devices or throwing out devices that perfectly work just to get a new feature in.

Archos Safe-T Mini

More Cryptowallets? OH YEAH!

The Safe-T Mini is a mixed bag. It is a relatively inexpensive device at 20€ but also has some SERIOUS drawbacks.

For Starters it isnt overly awesome at its original purpose as it only supports relatively few crypto assets, but putting that aside we have other purposes.

So this device runs U2F only, same as the Ledger, BUT sadly the firmware, which is open Source on Github, hasnt seen any changes for almost 2 years by now, which is REALLY sad, HOWEVER Archos apparently allows flashing custom firmware, so throwing in a FIDO2 firmware might be possible, maybe even without all the cryptocurrency stuff.

Also Same as a Ledger, This device's keys are generated using a seed Phrase which encodes a 256 bit master key, which can be restored. This can be seen as convenience but also as a problem for the Security, but what makes this feature pretty bad is the issue that the U2F Counter starts at 1 after Recovery, while on Ledger as you have to install applets and stuff it automatically sets the counter to the current Unixtime (which may become an issue 2038), to set the U2F counter to anything you need a python tool which basically is a commandline management tool for this provided by the maker.
Same as with Ledger, you are kinda hopeless without extra Software.
The worst is by far the recommended setup through there website where you have to install some weird bridge that runs in the background as a service and all.

The big difference tho is WHY you need software. On Ledger you need to install the U2F applet as the firmware is modular, while here as This device is basically a fork of the Trezor One, it needs a computer for setting up the Keys and takes some entropy for that from the computer (but also has some own so an evil computer cannot just seed the RNG and get expected results, but all the features are part of the Firmware, so U2F does not need any extra Setup.

also the recovery process is kinda hilarious and at least for the default one, not in a good way. basically you enter the words in scrambled order INTO YOUR COMPUTER and if you use less than 24, you will enter some extra random decoy words words to fill up the 24.

This is not an awesome way for recovery even if this is orchestrated by the device (aka which words you have to enter will be shown ONLY on the device screen), especially with just 12 words (luckily not the default for this device) when you recover twice with the same phrase on infected computers and the attacker is aware, they can just cross out which words werent in both attempts and it's highly likely they get just the real 12 as mutual words, and unscrambling these is a piece of cake as it literally is just 29 bits of entropy, basically nothing. and even on 24 words, you have 79 bits, which is a bit meh at least. when you can consolidate a lot of power, unscrambling that might not be that much of a problem, it might be now, but the future is usually there to be annoying in that regards.

The second type is a matrix-style input where you get a 3*3 (after the 3rd input of a word a 2*3) grid which shows letters and/or ranges of beginnings of the words and the layout of the matrix is randomized. it's a bit annoying to enter but a lot more useful for safer recovery as the computer is not aware of the matrix layout or anything

well let's get to the actual main part of the Review, the FIDO Stuff.

as I said no FIDO2, just U2F and you need to set the counter yourself on recovery.

but the obvious advantage is as with Ledger, the Display, even without FIDO2, as you can at least see WHO you are signing for, well partially.

As U2F gets the "appid" only as hash, it cannot display the website name directly. however for a few selected sites, the hashes are stored so they can be shown, and for most of these even with an image, which is really helpful at least for these.

for all other sites you get a middle-truncated hash, which shows the first and last 4 bytes (8 hex digits), which isnt too bad either and is imo a bit better than paging through all the hash or just blindly confirming because it's too much of a hassle.

What is also a bit sad is that the error handling is not ideal. When you try to login but this device wont help you it says that right on the screen, however when you want to register but you already have this device it asks whether to authenticate, which is confusing.

The Real issue

This device has however one critical flaw which I cannot miss. It has 4 so called "Secure Zones" and if you set up a PIN and forget it (or someone resets the device without providing the correct PIN (including maxing out the retry counter) this thing will basically blow up one of these zones, making it unusable, and if all 4 are gone, this device will de facto be E-Waste, which is NOT fun.

Comparison

firstly the objective table showing the basics of all the models I looked at above

NameModeButtonUVInterfacePriceStore
Plug-UpU2FNonenoneUSB-AN/A
Yubi 4
(nano)
U2FTouchnoneUSB-A40€ (big)
50€(nano)
mtrix
K9U2FTouchnoneUSB-A
NFC
N/A
Yubi 5Fido2TouchPINUSB-A
NFC
USB-C
Lightning
46€ (A+NFC)
51€ (A-Nano)
51€ (C)
61€ (C-Nano)
69€ (Ci)
mtrix
Blue YubiFido2
U2F
TouchPINUSB-A
NFC
18€ (U2F)
20€ (2)
26€ (NFC)
mtrix
Key-IDFido2PushnoneUSB-A10€Amazon
HyperFIDO
mini
U2FPushnoneUSB-A5,50€Amazon
HyperFIDO
Pro Mini
FIDO2PushPINUSB-A11,60€Amazon
SoloFido2PushPINUSB-A
USB-C
NFC
20€ (A)
25€ (C)
35€ (A+NFC)
40€ (C+NFC)
Amazon
SomuFido2TouchPINUSB-A35€Amazon
eWBMFido2TouchFP
PIN
(if no FP)
USB-A
USB-C
54€ (G310)
54€ (G320)
66€ (G450)
100€ (G500)
Pointblank
KryptonU2Fnotif
none
noneInternetFreeN/A
MultipassU2FPushnoneMicro-B
NFC
BT
37€mtrix
Idem CardFido2TouchPINNFC
BT
Chip
60$Amazon
USA
Ledger
Nano S
U2FpushPIN
(forced)
micro-B60€Ledger
Store
NameModeButtonUVInterfacePriceStore

secondly, the subjective Table giving a quick look of what I like and dislike about each one, some of these may seen as good by some people (or it doesnt matter to them), but it should be on attention point at the very least.

Devicegood stuffstuff for attention
Plug-Upwas VERY cheapno button, doesnt work very well anymore
Yubi 4
(nano)
very small, can do a LOTnano very sensitive to touch, accidential activate
not cheap
K9NFC for cheapnothing so far
Yubi 5nano exists
VERY versatile
RK Management on later revisions
Few RKs (25)
no delete on earlier revisions
generally not cheap due to versatility
the later models get more expensive
Blue Yubitrades versatility for cost
RK Management on later revisions
Few RKs (25)
no delete on earlier revisions
Key-IDnice and cheap(old model) died due to overuse
(new model) LED WAY too bright
HyperFIDO
Mini
cheapest for U2Fone-step global counter
HyperFIDO
Pro Mini
cheapest for Fido2
good amount of RKs (128)
no RK Management
SoloOpen Source
hacker friendly
Not that many RKs (50)
USB-C stability (according to others)
interaction of LED with colored cases
Somu Open Source
hacker friendly
Small size
(for permanent attachment)
Not that many RKs (50)
interaction of LED with colored cases
eWBMFido2 L2
A LOT of RKs (242)
Fingerprint Sensor
RK management
dependent on Bio Manager
no updates
(G450/G500) REALLY expensive
RK management borked
KryptonFree Solution
Silent mode allows
frictionless 2FA
Open Source
Software-based means less potential Security
Request notifs don't automatically go away
Only works with browsers
Multipassvery versatile
nowadays not as expensive
U2F only
Idem Cardvery compact
FIDO2
can use contact-chip as well as wireless methods
Bluetooth
not cheap
due to not supporting USB-HID compatibility limited
(Windows 10 1903+ and mobile only)
Intentionally against Spec
Cannot be Updated
Ledger Nano SDISPLAY (allows you to see where a request comes from)
more uses than FIDO stuff
UPDATES
6 colors
on retail price, definitely not cheap
currently no FIDO2
clonable via Recovery seed

Conclusion

To be updated

Simply said while I have to say that this article was more or less sparked by eWBM, I had something like this in mind for quite a while by now, and it's kinda weird to say that of all the possibilites, they certainly score top in Usability, even though not without their own problems. Generally I think that one cannot just declare one as a winner and the rest as losers or whatever, although when just looking at U2F/Fido2 the Yubikey series (both 4 and 5) are worst in price to performance, while the "Security Key" Lineup (just be careful you either get the one with a 2 marked into the plastic or the NFC version if you want Fido2) being a lot better with the "Security Key NFC" being a clear winner in price to performance (26,17€ plus shipping on mtrix) with the cheapest Fido2 device being the Solo for 20€ on amazon.de, the cheapest U2F key currently being the Hyperfido Mini with just 5,50€, although when just starting along or adding a bit of security without having to buy into anything, Krypton can be a nice solution.

Generally I think people should just choose what they want and I just try to provide details so users have a baseline what what can be chosen. Granted, there are a LOT more Devices available (for example the Hyperfido Mini Pro being the cheapest currently available FIDO2 device on amazon), which I don't have although I doubt there's too much difference between U2F Models, except for some rather small things.

Update Notes

23. May

  • Added Feitian Multipass, GoTrust Idem Card and Ledger Nano S
  • minor corrections

16. January

  • Added Somu, Blue Yubi and HyperFIDO Pro Mini
  • eWBM RK Management is borked

15. January

  • Change eWBM stuff in regards to RK management
  • a few other small things

5. January

  • Added HyperFIDO Mini and Krypton

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.