Yubico has released an updated version of its Personal Identity Verification (PIV) tool. The Yubico PIV Tool 2.0 was designed to help organizations program and manage large numbers of YubiKeys for their employees, allowing them to use YubiKeys instead of smart cards for public key infrastructure. To that end, organizations can use the PIV Tool to generate new keys and import existing keys and certificates.
The most noteworthy new feature being introduced with the PIV Tool 2.0 is the PKCS#11 module, which makes the Tool compatible with Fortify, Java’s keytool, and the Firefox web browser, amongst other applications. It will also enable a number of new communication functions, including encryption, decryption, signatures, and signature verification.
Other new utilities include the ability to open multiple parallel PKCS#11 sessions, attestation certificates for keys stored on the YubiKey PIV interface, and padding for RSA operations.
The Yubico PIV Tool 2.0 arrives shortly after Yubico unveiled a new FIDO2 hardware device that is being developed in collaboration with RSA Security. The company is currently assisting with a national ID project in the Faroe Islands, and announced its first biometric security key at the recent Microsoft Ignite event in October. The YubiKey Bio leverages fingerprint recognition for an additional layer of security.