Submitted via IRC for SoyCow4463
Some YubiKey FIPS Keys Allow Attackers to Reconstruct Private Keys
Yubico issued a security advisory saying that an issue impacting YubiKey FIPS Series devices (versions 4.4.2 and 4.4.4) reduces the strength of generated RSA keys and ECDSA signatures after power-up.
YubiKey FIPS Series keys affected by this issue are the YubiKey FIPS, the YubiKey Nano FIPS, the YubiKey C FIPS, and the YubiKey C Nano FIPS — other Yubico products are not impacted.
According to Yubico's advisory, "random values leveraged in some YubiKey FIPS applications contain reduced randomness for the first operations performed after YubiKey FIPS power-up."
More to the point, on affected Yubico products the buffer holding the random value used for key derivation by the RSA and ECDSA algorithms contains some predictable data, which makes that value less random than expected. This problem occurs only during the YubiKey's power-up.
However, "After the predictable content in the random buffer is consumed, the buffer will be filled with the intended full random number generator output, and all subsequent use of randomness will not be affected."
Yubico discovered the issue internally and fixed it in YubiKey FIPS Series firmware version 4.4.5, which was re-certified as FIPS compliant on April 30, 2019.
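As an added defender-side example (not from the advisory and not Yubico's own tooling), a small Python audit helper that flags the firmware versions the advisory names as affected and applies two general low-entropy symptom checks to keys and signatures collected from a fleet: RSA moduli that share a factor, and ECDSA signatures under one key that repeat an r value. The device labels, moduli and signature values are constructed toy data, and the checks are generic indicators of poor randomness rather than a claim about what this specific firmware defect produces.

```python
from math import gcd
from collections import defaultdict

# Firmware versions the advisory names: 4.4.2 and 4.4.4 affected, 4.4.5 fixed.
AFFECTED_FIRMWARE = {(4, 4, 2), (4, 4, 4)}

def parse_version(version_str):
    return tuple(int(part) for part in version_str.strip().split("."))

def firmware_is_affected(version_str):
    """True if the reported YubiKey FIPS firmware version is one the advisory lists."""
    return parse_version(version_str) in AFFECTED_FIRMWARE

def rsa_moduli_sharing_factors(moduli):
    """Pairwise GCD over RSA public moduli (label -> n).
    Two moduli with a common factor were not generated with independent randomness;
    only the labels are reported so the affected keys can be revoked and reissued.
    Pairwise is fine for an inventory of a few thousand keys; larger sets use batch GCD."""
    flagged = set()
    items = list(moduli.items())
    for i in range(len(items)):
        for j in range(i + 1, len(items)):
            (label_a, n_a), (label_b, n_b) = items[i], items[j]
            if gcd(n_a, n_b) != 1:
                flagged.update((label_a, label_b))
    return flagged

def ecdsa_repeated_r(signatures):
    """Group ECDSA signatures from a single key by their r value.
    r is derived from the per-signature nonce k, so a repeated r under one key
    means the nonce repeated: a classic symptom of a low-entropy RNG."""
    by_r = defaultdict(list)
    for label, r, _s in signatures:
        by_r[r].append(label)
    return {r: labels for r, labels in by_r.items() if len(labels) > 1}

# Constructed toy inventory: dev-01 and dev-02 share the prime 61; dev-03 is independent.
SAMPLE_MODULI = {"dev-01": 61 * 53, "dev-02": 61 * 59, "dev-03": 67 * 71}
# Constructed toy signatures (label, r, s) from one key: sigA and sigB repeat r.
SAMPLE_SIGS = [("sigA", 12345, 111), ("sigB", 12345, 222), ("sigC", 67890, 333)]

if __name__ == "__main__":
    for version in ("4.4.2", "4.4.4", "4.4.5"):
        print(version, "affected" if firmware_is_affected(version) else "ok")
    print("shared-factor keys:", sorted(rsa_moduli_sharing_factors(SAMPLE_MODULI)))
    print("repeated r:", ecdsa_repeated_r(SAMPLE_SIGS))
```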
(Score: 0) by Anonymous Coward on Tuesday June 18 2019, @02:16PM (2 children)
1. Get a lot of people to buy your product
2. Find a security vulnerability, release a new version with a fix
3. Everyone has to buy the new version to get the fix.
4. Repeat every so often.
5. Profit!!!
(Score: 3, Informative) by rigrig on Tuesday June 18 2019, @02:52PM
Except in this case
3. Everyone has to buy the new version to get the fix.
3. All affected customers get offered a free replacement.
No one remembers the singer.
(Score: 0) by Anonymous Coward on Tuesday June 18 2019, @03:00PM
Except that they're giving free replacements for the affected hardware.