Yubico Launches YubiKey 4 and Touch-to-Sign Functionality at DockerCon Europe 2015


BARCELONA, SPAIN--(Marketwired - Nov 16, 2015) - Yubico, the leading provider of simple and open online identity protection, today announced the launch of the YubiKey 4, Yubico's next generation authentication device, at DockerCon Europe 2015, November 16-17 in Barcelona, Spain. Yubico's 4th Generation YubiKey includes the first of its kind touch-to-sign feature, the latest secure elements supporting longer public/private keys, faster cryptographic operations, and more.

Announced during the DockerCon keynote, Yubico and Docker, the open platform for building, shipping and running distributed applications used by millions of developers and system administrators, have deployed the world's first touch-to-sign code signing system using YubiKeys, helping secure software development for Docker developers. With the YubiKey 4, Docker users can digitally sign code during initial development and through subsequent updates to ensure the integrity of the Dockerized applications and guard against malware or other nefarious attacks.

"This is an important milestone for Yubico and our community as we move beyond authentication to address another area in which the YubiKey shines, using our hardware to perform cryptographic sign operations," said Jerrod Chong, VP, Solutions Engineering, Yubico. "Having root keys stored in the secure element of the YubiKey means attackers cannot duplicate the keys and forge sign operations; insecure storage of keys in software modules is often the root cause for many of the vulnerabilities found in software packages."

YubiKey 4 features also include:

  • Works on Microsoft Windows, Mac OS X, Linux operating systems; and major browsers
  • Supports multiple authentication protocols, including Yubikey OTP, smart card, and FIDO U2F
  • Hardware secure element
  • RSA 4096 for OpenPGP
  • Support for PKCS#11

"Our collaboration with Yubico adds to our growing portfolio of container security capabilities, enabling developers to sign their code with a simple touch," said Scott Johnston, SVP of Product Management, Docker. "Our ability to ensure security while maintaining a consistent developer experience is paramount, and this solution helps us and our users achieve both."

Yubico's Chong will be participating in a DockerCon Community Theater session 'The Future of Hardware-Backed Keys' on Tuesday, Nov. 17th, from 12:40 to 12:55 p.m. Chong will discuss the many ways enterprises are seeking higher security use YubiKeys. With YubiKey, one device provides a wide range of secure access, including code signing, remote access and VPN, password managers, computer login, multifactor SSO to identity and access management systems, and U2F support for popular online services like GitHub, Dropbox, and Google accounts.

Yubico will be exhibiting YubiKey 4 code signing within the Docker platform and FIDO Certified™ Universal 2nd Factor (U2F) authentication functionality throughout DockerCon at booth #21. For more information and to learn more about Yubico, YubiKey 4 and FIDO U2F, please visit www.yubico.com.

About Yubico

Yubico sets new world standards for simple, secure login, preventing unauthorized access to computers, servers, and internet accounts.

Supporting multiple authentication and encryption protocols on all devices and platforms, YubiKeys protect access to user accounts for the world's largest enterprises with a simple touch, and with no driver or client software needed. Yubico is a leading contributor to the FIDO Universal 2nd Factor open authentication standard, and Yubico's technology is used, and loved, in more than 150 countries.

Founded in 2007, Yubico is privately held with offices in Palo Alto (California), Seattle (Washington), Stockholm (Sweden), and London (UK). For more information, please visit www.yubico.com.

All product and company names herein may be trademarks of their registered owners.

Contact Information:

Media Contact

Ronnie Manning
Yubico Public Relations
619.822.2239

Yubico, Docker Revolutionize Code Signing