SoylentNews

Some YubiKey FIPS Keys Allow Attackers to Reconstruct Private Keys

posted by Fnord666 on Tuesday June 18 2019, @04:51AM   
from the not-so-compliant dept.

upstart writes:

Submitted via IRC for SoyCow4463

Some YubiKey FIPS Keys Allow Attackers to Reconstruct Private Keys

Yubico issued a security advisory saying that an issue impacting YubiKey FIPS Series devices (versions 4.4.2 and 4.4.4) reduces the strength of generated RSA keys and ECDSA signatures after power-up.

YubiKey FIPS Series key affected by this issue are the YubiKey FIPS, the YubiKey Nano FIPS, the YubiKey C FIPS, and the YubiKey C Nano FIPS — other Yubico products are not impacted.

According to Yubico's advisory, "random values leveraged in some YubiKey FIPS applications contain reduced randomness for the first operations performed after YubiKey FIPS power-up."

More to the point, on affected Yubico products, the buffer holding the keys derivation random value used by RSA and ECDSA algorithms contains some predictable data which leads to the value being not as random as expected. This problem occurs only during the YubiKey's power-up.

However, "After the predictable content in the random buffer is consumed, the buffer will be filled with the intended full random number generator output, and all subsequent use of randomness will not be affected."

Yubico discovered the issue internally and fixed it in YubiKey FIPS Series firmware version 4.4.5, which again was certified as FIPS compliant on April 30, 2019.

---

Original Submission

• FST-01??? FST-01??? (Score: 2) by canopic jug on Tuesday June 18 2019, @07:34AM (2 children)

  by canopic jug (3949) on Tuesday June 18 2019, @07:34AM (#856907) Journal

  They're nearly ubiquitous hardware tokens such that they're nearly synonymous with them. Nitrokeys are a distant competitor closing in on their market share. Then there are some lesser known brands, and even some home-grown solutions, out there, such as the FST-01. So it would be strange to add a link explaining Yubikeys, besides you would have then missed your chance to post about not knowing what hardware tokens are and then miss a subsequent chance for a follow up post to explain how it came to be that you didn't already know. ;)

  --
  Money is not free speech. Elections should not be auctions.

  Parent

  Starting Score:	1		point
  Karma-Bonus Modifier		+1
  Total Score:		2

• Re:FST-01??? Re:FST-01??? (Score: 4, Informative) by c0lo on Tuesday June 18 2019, @08:07AM (1 child)

  by c0lo (156) on Tuesday June 18 2019, @08:07AM (#856915) Journal

  They're nearly ubiquitous hardware tokens such that they're nearly synonymous with them...

  May be ubiquitous in USA, I'm yet to see any in Australia.

  So it would be strange to add a link explaining Yubikeys, besides you would have then missed your chance to post about not knowing what hardware tokens are and then miss a subsequent chance for a follow up post to explain how it came to be that you didn't already know. ;)

  At least where I work (US multinational corp), we are still using 3rd-party mobile apps for MFA to telecommute and a RFID card to open the door.
  Never felt that I'd need something else, so I still don't give a damn about TFA.

  --
  https://www.youtube.com/watch?v=aoFiw2jMy-0 https://soylentnews.org/~MichaelDavidCrawford

  Parent

  • Re:FST-01??? (Score: 0) by Anonymous Coward on Tuesday June 18 2019, @02:38PM

    by Anonymous Coward on Tuesday June 18 2019, @02:38PM (#856998)

    Then you're not really affected by this, then are you? I have a couple and they're quite a bit better than those 3rd party mobile apps. I have a couple of keys, one that comes with me and another that's stored in case the original is lost or stolen.

    Plenty of places in the US still use those stupid apps, but they're rather stupid. My web host still uses that.

    Parent