I have loved hardware-based security for a fucking eternity, and so I have accumulated quite a few different devices over the years (for the rest of this article, "key" generally refers to the cryptographic keys, to avoid confusion with the devices).
So now I am going to compare them.
- The very Simple U2F Stick from Plug-Up
- Yubikey 4 Nano (pre-ROCA)
- Key-ID U2F stick (old model)
- Yubikey 4 Nano (Post ROCA, free)
- Feitian NFC Key (K9)
- Key-ID U2F stick (New model, free)
- Yubikey 5 NFC
- Solo Hacker USB-A
- Solo Tap Secure USB-C
- Solo Secure USB-A
- eWBM Goldengate G310 (Free, for now)
- Hypersecu HyperFIDO Mini
- Krypton (not actually a Device)
- Yubico Security Key
- Somu Secure
- Hypersecu HyperFIDO Pro Mini
As you can see, I noted that I got 3 of them for free, and because transparency is a given, I'll explain the circumstances of each as we go along.
I also want to stress that, aside from the Goldengate, most of this is based on my day-to-day experience with each device rather than a specific test; as I got the Goldengate specifically for this purpose, I went out of my way to test some things with it.
I will update this post as more stuff comes along. Also note that I am not ordering chronologically but by theme, so I don't have to get overly redundant.
And as this article is getting WAY too fucking long already (and I plan to add more devices over time), every device section gets a nice spoiler box, so at least scrolling the version on the site isn't as painful as scrolling in the editor.
As alluded to in the list already, this is a VERY simple device. Unlike almost all other Fido-compatible devices, this one lacks a button and instead does its user presence check by having you pull it out and plug it in again, after which (I assume) the stick only waits a few seconds before it is willing to actually sign something. Currently I cannot really get this thing to work and I am not really sure why, because the device is recognized by the computer, which is kinda weird.
I would say this device is a nice way to do your very first steps with U2F, and it was the cheapest at 5€ back in the day (Jan 2016), but it seems not to be sold anymore.
Yubikey 4 Nano
Since these two are basically the same, I am going to mess with the order a bit and do them together. Basically, the Yubikey is what we in Germany call an "Eierlegende Wollmilchsau", a (fictional) animal that provides eggs, wool, milk and meat, in other words more or less everything one can think of.
Similarly, depending on which one you got, the Yubikey provides A LOT of functionality.
The Yubikey 4, to be precise, can do the following:
- Various modes for static and dynamic passwords (2 slots) while acting as a keyboard, including a factory-provided Yubico OTP, HOTP, and the mentioned static password
- HMAC-based challenge-response (uses the same 2 slots as above)
- Smartcard features (e.g. Windows login in Active Directory, or using extra tools)
- PGP key functionality
As you can see, a LOT. U2F works pretty well, which makes sense considering they were among the first to implement it. The other features can be fun to use, but especially the password modes are a bit sad considering there are only 2 slots (which is understandable though, given that they are accessed by a short or a long tap of the metal area).
Regarding ROCA: there is essentially a bug in the RSA key generation of the Yubikey 4 where the randomness is garbage, allowing the private key to be reconstructed RELATIVELY easily (somewhere in the weeks to months range) and, more importantly, letting one find out in milliseconds whether a key is affected, so someone with interest can easily find out which keys to attack. After this came to light, Yubico ran a replacement program for all affected devices, including my first Yubikey 4 Nano. Since U2F uses elliptic-curve keys, it is entirely unaffected, and the device is still usable for anything that doesn't involve generating RSA keys on the device.
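The "in milliseconds one can find out whether a key is affected" part is the published ROCA fingerprint: affected moduli have a recognizable residue structure modulo small primes. The check below is an added example (my code, not Yubico's or the paper authors' tool) for testing your own exported RSA public keys; the PEM helper assumes the third-party `cryptography` package is installed.

```python
"""Fingerprint check for RSA moduli affected by ROCA.

Affected primes were generated as p = k*M + (65537^a mod M), with M the product
of small primes. For every small prime r dividing M the modulus N = p*q then
satisfies N mod r = 65537^(a+b) mod r, so N mod r lies in the subgroup of
(Z/rZ)* generated by 65537. A modulus from a sound generator passes all 38
residue tests only with negligible probability, so the check identifies
affected keys without factoring anything (it is a detector, not an attack).
"""
from typing import Dict, List, Set

# The odd primes up to 167, the set the public fingerprint uses for all key sizes.
SMALL_PRIMES: List[int] = [
    3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71,
    73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139, 149, 151,
    157, 163, 167,
]
GENERATOR = 65537


def _subgroup(r: int) -> Set[int]:
    """All powers of 65537 modulo the small prime r (a cyclic subgroup)."""
    members, x = set(), 1
    while True:
        members.add(x)
        x = (x * GENERATOR) % r
        if x == 1:
            return members


SUBGROUPS: Dict[int, Set[int]] = {r: _subgroup(r) for r in SMALL_PRIMES}


def is_roca_fingerprinted(n: int) -> bool:
    """True if every residue n mod r is a power of 65537 mod r, which is the
    structure an affected modulus always has."""
    return all(n % r in SUBGROUPS[r] for r in SMALL_PRIMES)


def modulus_from_pem(pem: bytes) -> int:
    """Extract the modulus from a PEM public key (needs the 'cryptography' package)."""
    from cryptography.hazmat.primitives import serialization

    key = serialization.load_pem_public_key(pem)
    return key.public_numbers().n


def constructed_affected_value(a: int, b: int) -> int:
    """Constructed test input with the affected residue structure. It is not a
    real RSA modulus; it only exercises the fingerprint logic offline."""
    m = 1
    for r in SMALL_PRIMES:
        m *= r
    return pow(GENERATOR, a, m) * pow(GENERATOR, b, m)
```

Run `is_roca_fingerprinted(modulus_from_pem(open("key.pub", "rb").read()))` on a key exported from the device; a `True` means the RSA key should be replaced, while the U2F/ECC side is untouched, as the text says.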
The Yubikey 5 NFC is fairly similar to the 4 Nano, as it is also a Yubikey, but basically comes with new stuff:
- NFC (the entire generation 4 had no NFC)
- Fido2 (PIN-based)
- Resident key storage
The benefits of NFC are kinda obvious: with supported phones one could easily do 2-factor without needing any USB adapters or special USB support, which isn't always given.
Fido2 allows the device to do user verification, i.e. not only confirming that some person is present and pushing the button, but also that that person is actually authorized to use that device and therefore the key, allowing a full two-factor auth to occur on the device with no passwords or other sensitive data sent over the internet.
With how U2F worked previously, the device generally stores a dynamic half of the key on the website and uses a master secret as the second half of the key (simplified). The big "problem" with that is that while it can authenticate a user, the user has to be identified first, for example by entering your username.
Resident keys remove the need for that: the device has storage space for full keys along with a little bit of metadata (like a display name), which allows the device to not only verify but also identify the user. That basically allows a usernameless login which only involves clicking a button on the website to start, tapping your device, entering your PIN and selecting which key to use (if multiple keys exist for the given website), and you are basically in.
This is very fun, but there are a few problems. Not only is storage space limited, but SECURE storage is generally even MORE limited. The Yubikey 5 can only store (according to what they say) 25 resident keys, which isn't really a LOT, and to top it all off, the only way to delete your RKs is to RESET THE ENTIRE DEVICE (in case of the Yubikey specifically, only the U2F/FIDO2 module needs a reset), which also wipes the master secret for the normal split keys, forcing you to re-register everywhere when you need to get rid of a usernameless login somewhere.
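To make the "split key" versus resident key distinction, and why a reset kills both, concrete, here is an added toy model (my code, not any vendor's firmware). It assumes the common U2F key-wrapping construction: the key handle is a nonce plus a MAC under the device's master secret, and the per-site private key is re-derived from both; the 32 derived bytes stand in for the real ECDSA P-256 key.

```python
"""Toy model of the U2F "split key" scheme next to resident keys.

Real authenticators derive an ECDSA P-256 key per registration; the 32 derived
bytes below stand in for that private key so the example runs with the standard
library only. Illustration, not production code.
"""
import hashlib
import hmac
import os
from typing import Dict, List, Optional, Tuple

NONCE_LEN = 32
TAG_LEN = 32


def rp_hash(rp_id: str) -> bytes:
    """Both U2F (appId) and WebAuthn (rpId) bind credentials to a hashed RP identifier."""
    return hashlib.sha256(rp_id.encode()).digest()


class Authenticator:
    def __init__(self, rk_capacity: int = 25) -> None:
        self.rk_capacity = rk_capacity
        self.master = b""
        self.resident: Dict[bytes, Tuple[str, str]] = {}
        self.reset()

    def reset(self) -> None:
        """Factory reset: fresh master secret, empty resident-key store.
        Every key handle ever issued was bound to the old master secret, so
        the reset also kills all non-resident registrations, as the text says."""
        self.master = os.urandom(32)
        self.resident = {}

    # ---- non-resident credentials: the key lives inside the key handle ----
    def _tag(self, nonce: bytes, rp: bytes) -> bytes:
        return hmac.new(self.master, b"handle-mac" + nonce + rp, hashlib.sha256).digest()

    def _derive(self, nonce: bytes, rp: bytes) -> bytes:
        return hmac.new(self.master, b"private-key" + nonce + rp, hashlib.sha256).digest()

    def register(self, rp_id: str) -> bytes:
        """Return the key handle the website stores with the account. The
        device keeps no per-site state; the handle plus master secret suffice."""
        nonce = os.urandom(NONCE_LEN)
        return nonce + self._tag(nonce, rp_hash(rp_id))

    def private_key_for(self, rp_id: str, key_handle: bytes) -> Optional[bytes]:
        """Recompute the per-registration key, or None if the handle was not
        issued by this device under its current master secret (or for another RP)."""
        if len(key_handle) != NONCE_LEN + TAG_LEN:
            return None
        nonce, tag = key_handle[:NONCE_LEN], key_handle[NONCE_LEN:]
        rp = rp_hash(rp_id)
        if not hmac.compare_digest(tag, self._tag(nonce, rp)):
            return None
        return self._derive(nonce, rp)

    # ---- resident keys: the credential and its metadata live on the device ----
    def register_resident(self, rp_id: str, user_name: str) -> bytes:
        """Store a full credential plus user metadata so the device can later
        identify the account itself (usernameless login). Storage is the limit."""
        if len(self.resident) >= self.rk_capacity:
            raise RuntimeError("resident key storage full; without RK management only reset() frees it")
        cred_id = os.urandom(16)
        self.resident[cred_id] = (rp_id, user_name)
        return cred_id

    def resident_for(self, rp_id: str) -> List[str]:
        """Accounts the device can offer for this RP before any username is typed."""
        return sorted(user for rp, user in self.resident.values() if rp == rp_id)
```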
SERIOUSLY, why am I the one who has to tell companies something so FUCKING OBVIOUS?
SOUNDS LIKE FUN! Imagine a CD-RW where the only way to truly alter data was to reburn the entire disc, so you basically could only write new data until it was full if you don't want to reset. Add to this that you cannot back up or otherwise keep a copy of the keys (granted, this is normal and makes sense), but how can someone miss something so PAINFULLY OBVIOUS!?! (Granted, they fixed it in a later firmware version, but Yubikeys cannot be updated, so well...)
Although if you want a device from Yubico but don't need USB-C or any of the Yubikey-specific features but only U2F/Fido2, I rather recommend looking at the FAR cheaper "Security Key" lineup from Yubico (below), because while the Yubikey 5 NFC isn't cheap, the smaller and USB-C versions are REALLY getting expensive, and even more so when getting the 5Ci, which has a Lightning port to work with iPhones and iPads, which recently adopted support for them.
Yubico Security Key
The Yubico Security Key series (I often just refer to them as Blue Yubis, as they look very similar to Yubikeys, the most obvious difference being that the Security Keys are blue) are basically much simpler devices Yubico is offering. Unlike the Yubikeys, which support borderline every type of authentication in existence as long as you can do it over USB or NFC, the Blue Yubis are focused on the Fido protocols, which currently means U2F and Fido2. There are 3 of them: the original, the updated model with support for Fido2 (which can be recognized by a 2 being molded into the plastic) and the NFC version, which is basically the 2 but with NFC. While it doesn't have the big 2 in the plastic, the touch button has some wireless-style waves around the "key" icon to indicate it being NFC, and as the Blue Yubi NFC only exists as a version with Fido2, that is enough to identify the device.
Basically it has the same functionality as the Fido Module of the Yubikey 5, which generally means:
- Simple U2F support, Tap and go
- Fido2 support with a PIN as UV
- 25 Resident Keys (the lowest I have seen so far)
Also depending on the firmware, you get extra features:
- before 5.2.3 you have RSA (nobody really uses that)
- 5.2.3 onwards you have:
  - RK management
  - credential protection (e.g. an RP can say that without UV the device may not even tell the client whether or not a credential is available for use on that specific site)
I specifically got the Blue Yubi NFC for trying out resident key management and stuff, because it obviously is very awesome to have control over the resident keys (kinda sad though that I have to declare that as awesome).
The management works generally very well; it needs a PIN to access and generally does what it should, delete keys and so on.
Key-ID U2F Sticks
The old model Key-ID stick was one of my favorite U2F sticks and I used it a LOT for dev stuff, which apparently led to its downfall: while many Fido devices have a global counter (for better or for worse), this one seems to use separate counters for the different registrations, and while I can still use it in some places where I have it registered, it just blocks new registrations entirely. I really liked that this one is small but not too small and has a physical button instead of a touch element, which in case of my Yubi Nano seemed quite a bit too sensitive, spawning OTPs left and right...
Since it no longer registers anywhere, I got a new model for free to try, which sure is nice but not without its own problems.
It is very small, making it easier to lose or, depending on where you plug it in, harder to pull out if you don't have a strap attached. Also the green light is EXTREMELY bright, which in normal light situations is annoying, but is really bad when it's dark.
This model does use a global counter though, so I don't think it'll die as easily as the first.
Hypersecu HyperFIDO Mini
This is the cheapest hardware device currently available in the entire lineup.
While it only does U2F, most sites don't work yet with Fido2 or even Webauthn for that matter, so that wouldn't be an issue. What MIGHT be an issue though, for privacy reasons, is the global, one-step counter (in other words, it always counts up by one, and the same counter is used on all sites). You generally cannot easily track a specific device across sites just by its attestation certificate, as these are generally assigned not to individual devices but to batches of hundreds or even many THOUSANDS of shipped units of a single model (unless we are talking about custom ones, which are obviously unique). But when observing the counter behavior of keys with one-step global counters, this may allow correlating registrations over time, although this is generally not very easy.
The stick is built VERY similarly to the new model Key-ID one (which is why this section is right below it), but has not taken over one of the more obvious shortcomings the Key-ID has: its LED is nowhere near as bright.
Hypersecu HyperFIDO Pro Mini
The HyperFIDO Pro Mini is basically the same as the one without the Pro from the outside, but it supports Fido2.
Sadly there is almost no difference between the 2 except for the engraved things like the serial number or whatever, but this thing is nothing to sneeze at, because it is by a big margin the cheapest Fido2 stick I got so far, for just 11,60€, and it even has the second largest RK storage of them all (I counted 128 registrations; seriously, entering the PIN THAT often is just a big pain, so I have been doing it so no one else has to).
It also has the much less bright light that the normal Mini has in comparison to the Key-ID, which makes it not too bad in my opinion. It certainly does its job nicely and seems to be a very good starting point for Fido beginners.
Feitian K9 NFC
Back in the day, when I wanted to try U2F on a phone, you could only use Bluetooth or NFC, with the latter being FAR cheaper and also needing less care as there isn't any battery involved, and at the time it was the cheapest NFC key by far (15€ on Amazon). It's pretty simple to use: with USB you just plug it in and touch it when it's blinking to confirm U2F; with NFC, you just slap it on your phone. There isn't really much to say except that I also like the device for being not overly large, but also not too small, and just plain working without having overly bonkers features enabled by default (I read that there is HOTP functionality, but HOTP is borderline never used so I can't really try that a lot, and why should I HOTP when I can U2F instead? lol)
The Solo devices are fairly special for 3 main reasons:
- They are completely open source (both soft- and hardware)
- "Hacker" editions, which have a completely open bootloader for doing whatever you want, exist for each model.
- They support updates, meaning you are not forced to buy another Solo if a crazily obvious feature was omitted when you bought your device, or to get replacements in case of a vulnerability.
The Solo exists in 4 base models, which basically fall into the following categories:
- USB-A or USB-C
- With or without NFC
Of each of those 4 models you can get a Secure or a Hacker variant. Basically the Secure variant is locked to firmware signed by Solokeys (aka the maker), while the Hacker can be customized however you want, at the cost of not having the real attestation, for obvious reasons.
While I do like the possibility of having hacks, I am honestly not really good at programming outside of web stuff (whether that can be considered programming is debatable, I know).
The Solo is very simple to use and while it has a push button that is definitely not weak, the clicky sound is REALLY satisfying, although you really should support it from below when clicking it, to not break your USB port (A version) or plug (C version). Here you can already see one of the disadvantages of the USB-C version: the USB-A version not only has its plug as part of the PCB, but as a result of that the PCB is REALLY thick, making the USB-A versions borderline unbreakable unless you are actively trying to do that (please don't). As the USB-C port cannot just be a part of the PCB, it has to be soldered on, with some newer iterations adding more solder points for stability, but since my U2F lineup generally has it quite rough in my bag, I am not going to take any risks and put my Solo in a case, so there's essentially no way it'll break off that easily.
The Solo supports both U2F and Fido2; same as the Yubikey 5, it uses a PIN for verification if asked for it, but as a big step upwards, the Solo can store up to 50 resident keys (not tested), and while they currently don't have any RK management, it is planned, and current customers are not screwed because of the update capability.
Solokeys is also in the process of making a tiny version of the Solo, called the Somu, which can basically be compared to the Yubikey Nano in terms of form factor; otherwise it will be mostly identical to the Solo A, although sadly more expensive, which is understandable as it is obviously harder to make.
One of the few things that aren't perfect on the Solo though is that while it does offer the super awesome feature of colored silicone cases, there isn't any truly transparent place for the light to shine through, so the LED's color gets filtered by the case color, making some colors harder to see depending on the case. For example, when the Solo goes yellow for an authentication, on a blue case it's just green because the red part gets filtered more strongly than the green, and the opposite on a red case, where it looks a lot more red than anything else.
In case you live in the US (otherwise shipping will be expensive) you can buy them using this (affiliate) link (no discount, don't blame me for the URL):
The Somu is basically a MUCH smaller version of the Solo: what a Yubikey Nano is to a Yubikey, the Somu is to the Solo.
So it has the same basic features as a Solo USB-A, with a Secure and a Hacker version existing as well.
Frankly there is not much to say about it that hasn't been said about the normal Solo already.
It mostly exists to permanently stay in a USB port, for example on a laptop or PC. That way you don't have to fiddle around with the big sticks and can just lightly tap the side of your laptop or whatever to do your Fido needs.
Also, in case you live in the US (otherwise shipping will be expensive) you can buy them using this (affiliate) link (no discount, don't blame me for the URL):
eWBM Goldengate G310
For starters, first things first: as laid out at the top, I got my G310 for free (I literally just asked for it, lol) for review purposes,
and I was honestly sad that, as it stood at the time, I would have to send it back in January (although understandable, as it isn't really a cheap device), but now I can keep it, which makes me happy.
The Goldengate series is, as advertised by eWBM, the first Fido2 device with an L2 certification, which certainly is a nice thing. It also is the first Fido2 device I own that uses fingerprints instead of a PIN.
The Goldengate series consists of 4 different models, where 2 are essentially completely equal (G310/G320) except for one having a USB-A and the other a USB-C port. The other 2 (G450 and G500), according to eWBM, only differ in shape.
The fingerprint reader works mostly well, at least if you actually take care to scan your complete finger. It doesn't ask for that many scans, and you sadly don't get an option to continue scanning that finger to get a better image, so be a bit careful when enrolling. Also, after you stored your fingerprints you have no way to rename them or to know which is which, so be careful to keep track, or just delete them if you want to reorganize.
Also, when putting the G310 onto a USB extension cord (I know it's not part of the USB spec, but guess what, I don't care) and then trying to use the FP reader in basically any rotation imaginable, it works all the time if you are careful and put your finger nicely onto the reader, so that's very nice.
One thing you might wanna know though is that while the stick allows for 15 false FPs before locking itself, after every 3 tries it will require a reboot, basically pulling it out and plugging it in again, which is the same thing other Fido2 keys require for the PIN. The PIN runs on 8 tries, same as other Fido2 devices, as per spec.
The biggest annoyance is that you need the Bio Manager to unlock the FP scanner though.
If you have Windows 10 1903 or later, the Goldengate is essentially seamless to use, as W10 1903+ has "Security Key" management options in the account settings part of the PC settings. On other OSes you can (or rather have to) use the Goldengate Bio Manager to enroll your fingerprints, which did work nicely on my Windows 8.1, although the software sometimes gets weird errors and basically needs a quick restart of itself or a replug of the stick. One thing I REALLY like though is the fact that you can at least quickstart without using any software or fingerprint setup: in case there are no fingerprints set, the FP management PIN doubles as Fido2 auth PIN and vice versa. Basically, if you want to sign up to a site which forces verification with a fresh Goldengate, you will be asked to create a PIN which you can use for login while you have no prints, and then later use the same PIN to manage your FPs, which is a really nice feature.
One fun thing to note aside though is that they TOTALLY lied to my face (well, not actually, as it happened in Twitter DMs).
They said the stick can store up to 200 resident keys (which already is 8 times Yubi or 4 times Solo), but after I went through with my resident key registration loop script I got 242 before the device started complaining, which definitely is a nice number. Although this thing REALLY gets slow with RKs if you have over 100 keys on that specific site you try to use (although let's be real, that's borderline never going to happen unless you purposely try this).
But what I didn't like is that yet again, they also have no way to delete RKs without wiping the entire stick -.-
Sure, while this probably won't happen too often with a keyspace that big, when it DOES happen it is so much more devastating.
Well, whatever. Also, while I was told that they plan to add this into their Bio Manager, I frankly am not sure whether their firmware even supports doing something like that, and OF COURSE there are no updates, as they consider an update process that is doable by users as insecure (lol, signatures are a thing).
BIG Update: eWBM LIED TO ME
(Quick Note: obviously being sarcastic here)
So I based my statement that the Goldengates don't have RK management on statements I got from eWBM in the VERY long Twitter PM thread where I basically had a whole mix of stuff between complimenting them for good stuff, offering my ideas on things that were maybe not ideal and straight ranting about things I REALLY hated, as well as, due to the fact that it kinda took a while for the device to arrive, poking a metric fuckton of questions about the thing so I am prepared for when it arrives and can already point out stuff without actually having to have the device yet. This includes the very obvious question of whether the device has RK management, as pinpoint-grilling is something I consider kinda important (obviously), and they said that "Deleting resident key is not allowed at this time" and also later on, I quote:
"no serious key vendors will allow updates" (eWBM, Twitter PM)
As a big fan of the Solo lineup I honestly kinda take a bit of offense at that, also not to forget that allowing updates basically is a low-effort way of doing something for the environment, as you can fix stuff without having to make new devices and stuff, which takes energy, resources etc.
This very obviously makes it very easy to assume that they have no firmware way of removing RKs and without buying new ones never will have.
Now this is just pure awesome. This thing not only has WAY more RK storage than most people will need in their whole LIFE, but also has credential management AND an optional FP reader in case they want more usability? Even as the most expensive USB-A Fido2 device this thing looks awesome from SO MANY points of view that I am not only thinking about trying to get one permanently to use as primary, but it is also very interesting for people who don't use fingerprints.
Another Update: too happy too soon
So after trying out a bit more, apparently I was too happy too soon: as it turns out, on my G310 the resident key feature is kinda borked when working with multiple RPs (I should have tested this earlier, lol). It (maybe, just theorizing) uses a loop to get through the keys and list them, but forgets to actually raise a counter or move a pointer to the next RP in line, as it only shows the keys from the last used RP, but as often as there are RPs with RKs on the device.
This obviously makes this a LOT of "fun", and while I honestly have no idea how the deletion is supposed to work with that, I think I can do some testing in the future as there may be some workarounds to at least not be completely out of luck with these.
While it is very nice to not have to enter a PIN all the time for login, the device has some kinda interesting properties, like that in U2F mode (aka using the CTAP1 protocol) the Goldengate enforces fingerprints if set (orange LED). And I really love that their LED sends mixed signals, even though it is a multicolor LED which can blink and stay lit. For example, cyan blinking can stand for either fingerprintless CTAP2 auth (either because there are no FPs yet, or UV is set to discouraged) or A DEVICE RESET. SOUNDS FUN, I know. Blue flashes can mean either enrollment or CTAP2 with FP, which sure is less devastating but still.
Although one big thing the LED has over all the others is that it is a multicolor LED (aside from this one and the Solos, all have single-color (green) LEDs, except the Plug-Up, which has none at all), and the Solo's LED colors are kinda obscured by the colorful cases and the fact that the LED is basically in the center of the button. The Goldengate basically has a window for the LED next to the FP reader.
In general, aside from some chaos with specific interactions of different clients (sometimes Edge on W10 1903+ won't recognize RKs registered on a different client), which are not really the fault of the device, this one is the easiest to use, which really makes it nice.
While this is fun and all, one thing you need to know is that the Bio Manager they have for setting the thing up is currently Windows (7 and up) and Mac only, so currently there is no way to do fingerprint setup on Linux (but you can at least use the PIN for basic use).
Now this one is completely different.
This is a completely software-based U2F thing which runs on Android or iOS for key storage and uses a plugin for Firefox and Safari, as well as Chromium and its derivatives, to do the work in the browser.
It basically does a cryptographic pairing with your computer to make sure only computers that are authorized can use the stored keys, and to do a pairing it is required (at least on Android) to pass the security method (PIN, pattern, FP etc.), if set. Due to the security of the cryptographic pairing, the devs are confident enough to not only allow using the app with notifications in the style of "do you want to sign in to github.com" or whatever, but also in a completely silent mode for any computers you trust enough, where it just silently answers any request immediately and you get in, your PC effectively acting as your second factor. There is basically only one security assumption and that is the pairing process: if you add a bad computer, especially with the silent mode, it gets very messy very quickly.
While it does use the Keystore or Secure Enclave on Android and iOS respectively, it still is mostly software-based and may be vulnerable to attacks that full hardware implementations are not, so I would be very careful about whether or not to use it, or which computers to pair it with.
One good thing privacy-wise is that they use separate counters, and with phones generally having more space I don't think (or at least I hope) that the same issue as with my old Key-ID will happen with this.
One bigger "problem", although it probably is more a workaround than anything else, is that the signatures falsify the user presence flag. Generally speaking, a device using Webauthn is supposed to return a flag indicating whether the user was physically present (in meatspace) or not during auth, and it SHALL NOT be set if no UP test has been performed, yet here it is. Although, granted, Webauthn does not account for silent checks, and websites may respond weirdly to a properly-tagged silent auth.
Standards aside, there are a couple of things that can get really annoying. Not only does it also silently register (and you cannot control silent registration and silent sign-in separately) if a key doesn't exist already, which makes not only sandbox testing REALLY annoying but also means you essentially have to register Krypton before any other Fido device. Also, if you don't use silent mode, the request notifications never go away, which is really annoying. For silent mode you can choose whether or not to send a notification, although I personally recommend using that, so you at least know when you have been signed in and can take measures if it wasn't you.
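The user presence flag discussed above and the counters discussed in the HyperFIDO Mini and Key-ID sections are both things the relying party is supposed to check. The following is an added example (my code, not Krypton's, Webauthn's or any vendor's) of those RP-side checks over constructed authenticator data, plus a tiny simulation of what a global one-step counter versus per-credential counters lets two sites observe.

```python
"""Relying-party side checks on WebAuthn/U2F authenticator data.

authenticatorData starts with: rpIdHash (32) | flags (1) | signCount (4, big-endian).
Flag bit 0 is UP (user present), bit 2 is UV (user verified). The test inputs
are constructed with make_auth_data(); no real device is involved.
"""
import hashlib
import struct
from dataclasses import dataclass
from typing import Dict, List

FLAG_UP = 0x01
FLAG_UV = 0x04


def make_auth_data(rp_id: str, flags: int, sign_count: int) -> bytes:
    """Constructed authenticatorData (the fixed 37-byte prefix only)."""
    return hashlib.sha256(rp_id.encode()).digest() + bytes([flags]) + struct.pack(">I", sign_count)


@dataclass
class StoredCredential:
    sign_count: int = 0
    clone_suspected: bool = False


class RelyingParty:
    def __init__(self, rp_id: str, require_uv: bool) -> None:
        self.rp_id = rp_id
        self.require_uv = require_uv
        self.credentials: Dict[str, StoredCredential] = {}

    def verify_assertion(self, cred_id: str, auth_data: bytes) -> str:
        """Return "ok" or the reason for rejection. The signature over
        authData || SHA-256(clientDataJSON) is assumed to have been checked first."""
        if len(auth_data) < 37:
            return "authenticatorData too short"
        rp_hash, flags = auth_data[:32], auth_data[32]
        sign_count = struct.unpack(">I", auth_data[33:37])[0]
        if rp_hash != hashlib.sha256(self.rp_id.encode()).digest():
            return "rpIdHash mismatch"
        # A silent responder that never tested presence must not set UP; an RP
        # that relies on the flag therefore refuses assertions without it.
        if not flags & FLAG_UP:
            return "user presence not asserted"
        if self.require_uv and not flags & FLAG_UV:
            return "user verification required but not performed"
        cred = self.credentials.setdefault(cred_id, StoredCredential())
        # WebAuthn: if either counter is nonzero, the new value must be strictly
        # greater than the stored one; otherwise a cloned authenticator may exist.
        if (sign_count or cred.sign_count) and sign_count <= cred.sign_count:
            cred.clone_suspected = True
            return "signCount did not increase; authenticator may be cloned"
        cred.sign_count = sign_count
        return "ok"


class ToyAuthenticator:
    """Models only the two counter strategies the article contrasts."""

    def __init__(self, global_counter: bool) -> None:
        self.global_counter = global_counter
        self.counter = 0
        self.per_credential: Dict[str, int] = {}

    def assertion(self, rp_id: str, cred_id: str, flags: int = FLAG_UP | FLAG_UV) -> bytes:
        if self.global_counter:
            self.counter += 1
            count = self.counter
        else:
            count = self.per_credential.get(cred_id, 0) + 1
            self.per_credential[cred_id] = count
        return make_auth_data(rp_id, flags, count)


def observed_counts(global_counter: bool, usage: List[str]) -> Dict[str, List[int]]:
    """What each RP records when one device is used at the RPs in `usage` order.
    With a global one-step counter the gaps reveal use elsewhere; per-credential
    counters give every RP an uninformative 1, 2, 3, ..."""
    device = ToyAuthenticator(global_counter)
    seen: Dict[str, List[int]] = {}
    for rp_id in usage:
        auth_data = device.assertion(rp_id, "cred@" + rp_id)
        seen.setdefault(rp_id, []).append(struct.unpack(">I", auth_data[33:37])[0])
    return seen
```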
Firstly, the objective table showing the basics of all the models I looked at above:
Secondly, the subjective table giving a quick look at what I like and dislike about each one.
| Device | best things | biggest problem |
|---|---|---|
| Plug-Up | was VERY cheap | no button, doesn't work anymore |
| Yubi 4 (Nano) | very small, can do a LOT | nano very sensitive to touch, accidental activation |
| K9 | NFC for cheap | nothing so far |
| Yubi 5 | nano exists; RK management on later revisions | few RKs (25); no delete on earlier revisions; generally not cheap due to versatility; the later models get more expensive |
| Blue Yubi | trades versatility for cost; RK management on later revisions | few RKs (25); no delete on earlier revisions |
| Key-ID | nice and cheap | (old model) died due to overuse; (new model) LED WAY too bright |
| HyperFIDO Mini | cheapest for U2F | one-step global counter |
| HyperFIDO Pro Mini | cheapest for Fido2; good amount of RKs (128) | no RK management |
| Solo | | not that many RKs (50); USB-C stability (according to others); interaction of LED with colored cases |
| Somu | open source (for permanent attachment) | not that many RKs (50); interaction of LED with colored cases |
| Goldengate | A LOT of RKs (242) | dependent on Bio Manager; (G450/G500) REALLY expensive; RK management borked |
| Krypton | silent mode allows | software-based means less potential security; request notifs don't automatically go away; only works with browsers |
To be updated
Simply said, while I have to say that this article was more or less sparked by eWBM, I had something like this in mind for quite a while now, and it's kinda weird to say that of all the possibilities, they certainly score top in usability, even though not without their own problems. Generally I think that one cannot just declare one as a winner and the rest as losers or whatever, although when just looking at U2F/Fido2, the Yubikey series (both 4 and 5) are worst in price to performance, while the "Security Key" lineup (just be careful that you either get the one with a 2 marked into the plastic or the NFC version if you want Fido2) is a lot better, with the "Security Key NFC" being a clear winner in price to performance (26,17€ plus shipping on mtrix), the cheapest Fido2 device being the Solo for 20€ on amazon.de, and the cheapest U2F key currently being the HyperFIDO Mini with just 5,50€. Although, when just starting out or adding a bit of security without having to buy into anything, Krypton can be a nice solution.
Generally I think people should just choose what they want, and I just try to provide details so users have a baseline of what can be chosen. Granted, there are a LOT more devices available (for example the HyperFIDO Mini Pro being the cheapest currently available FIDO2 device on Amazon), which I don't have, although I doubt there's too much difference between U2F models, except for some rather small things.
- Added Somu, Blue Yubi and HyperFIDO Pro Mini
- eWBM RK Management is borked
- Changed eWBM stuff with regard to RK management
- a few other small things
- Added HyperFIDO Mini and Krypton