Articles

learn more about encryption

Using Yubikey

In order to encrypt with Yubikey click the 'Yubikey' button when you are shown the password window.

The program will show the "simple" Yubikey window. Check the box 'Protect with Password' to use the 'Yubikey + Password' scheme. Additional password can protect your confidential data if your Yubikey is lost or stolen. See the introductory article for a more detailed analysis.

The window above is used to encrypt data with a single immediately available Yubikey. If the Yubikey belongs to another person, or if the file is to be decrypted by several users, each with a different Yubikey, you will need a more advanced dialog. Press the "Full>" button to open the "full" Yubikey window.

This window lets you create a list of Yubikeys that are allowed to access the encrypted data. You can add Yubikeys to the list directly, inserting them one by one, or from pre-created Yubikey lists. As in the "simple" dialog, you can check the box 'Protect with Password' for added security.

By clearing the checkbox at the beginning of a Yubikey line you can set read-only access for the given Yubikey.

Although Kryptel does not allow any modification if the file has been opened with a read-only Yubikey, such a technical possibility exists. Even a read-only Yubikey gives access to the actual encryption key, so the opponent can write a custom program to modify the encrypted file directly, circumventing Kryptel components.

See Also