1

Contemplating using YubiKey’s challenge-response feature to hash public passphrases.

By public, I mean an attacker could potentially exfiltrate passphrases but, not having YubiKey*, passphrases would be useless.

Is such a scheme secure in 2022 and is it quantum-computing safe?

Thanks for helping out!

*HMAC is computed on YubiKey using secret stored on secure element.

sunknudsen

1 Answer

1

HMAC-SHA1 is supposed to still be secure since the security of HMAC only requires weak collision resistance of the underlying hash. Mihir Bellare had a paper from the mid-2000s discussing this in detail, but I can't find an active link for it now. However, he apparently did some later work with some others on the subject that you can find here.

As for your QC question, I don't know.

Swashbuckler
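An added example, not part of the original question or answer: a software model of the scheme discussed above, with HMAC-SHA1 written out per RFC 2104 so the two nested keyed hash calls are visible. `SoftToken`, `derive` and `matches` are hypothetical names, and the 20-byte secret and 64-byte challenge limit are assumptions about the hardware slot; a real YubiKey keeps the secret on the device and only returns the response.

```python
import hashlib
import hmac

BLOCK = 64  # SHA-1 block size in bytes


def hmac_sha1(key: bytes, msg: bytes) -> bytes:
    """HMAC-SHA1 written out per RFC 2104: two nested hashes, both keyed."""
    if len(key) > BLOCK:
        key = hashlib.sha1(key).digest()
    key = key.ljust(BLOCK, b"\x00")
    inner = hashlib.sha1(bytes(b ^ 0x36 for b in key) + msg).digest()
    return hashlib.sha1(bytes(b ^ 0x5C for b in key) + inner).digest()


class SoftToken:
    """Hypothetical software stand-in for the hardware slot (assumption)."""

    def __init__(self, secret: bytes):
        if len(secret) != 20:  # assumed slot secret size
            raise ValueError("secret must be 20 bytes")
        self._secret = secret

    def respond(self, challenge: bytes) -> bytes:
        if len(challenge) > 64:  # assumed challenge size limit
            raise ValueError("challenge longer than 64 bytes")
        return hmac_sha1(self._secret, challenge)


def derive(token: SoftToken, passphrase: str) -> bytes:
    """Map a public passphrase to a 20-byte value only the token holder can compute."""
    return token.respond(passphrase.encode("utf-8"))


def matches(token: SoftToken, passphrase: str, expected: bytes) -> bool:
    """Constant-time comparison of a fresh response against a stored one."""
    return hmac.compare_digest(derive(token, passphrase), expected)


if __name__ == "__main__":
    # Constructed sample values, not real secrets.
    mine = SoftToken(bytes(range(20)))
    other = SoftToken(bytes(range(1, 21)))
    public = "correct horse battery staple"
    print(derive(mine, public).hex())
    print(derive(other, public).hex())
    print(matches(other, public, derive(mine, public)))
```

The same passphrase yields unrelated outputs under different secrets, which is the property the question relies on: the exfiltrated passphrase alone does not reproduce the derived value.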