FIDO U2F plugin?

U2F, or Universal Second Factor, is a newish standard for 2FA that adds an extra layer of crypto-based security on top of traditional 2FA methods like SMS or time-based codes. U2F devices store private keys, indexed by web origin, and when you want to log in, the browser communicates with the device and asks it to sign a challenge presented by the server (which holds the public key). The device flashes a light, you press a button, and the device sends back the signed challenge. The server checks the signature and logs you in.

I’m not sure if there’s enough room on the ATmega32U4 to fit both the keyboard firmware and a crypto library, but there’s prior art for making an Arduino-based U2F key anyhow 🙂

2 Likes

I think the ATmega32U4 lacks the capacity required for this. ~28k flash and 2k SRAM is - I think - too small to have both a U2F implementation and keyboard firmware in it.

On the other hand, the micro-ecc library, which implements the crypto parts, does support AVR, and may even fit in size… and ECC keys are small (32 bytes or so), so we may even be able to store them.

Oh boy.

1 Like

That’s a Teensy 3, which is a much more powerful ARM.

It’s worth writing a trivial sketch and seeing how big the code is. From there, we can think about optimization.

1 Like

I’ve seen storage issues being brought up a few times now. Is there any kind of possible mod which would increase storage capacity for those who want to do fancier things with their keyboard?

You could - at least in theory - attach an external EEPROM chip to the keyboard, significantly increasing its storage capacity.

Or even upgrade the microcontroller itself to something a little beefier like the ATmega1284 or even an Arduino-compatible ARM device…

1 Like

Just came across this thread, interesting ideas! What about using the expansion connector, and adding a simple daughterboard with a processor which can handle U2F processing?

3 Likes