Yubico to replace the vulnerable FIPS YubiKey security keys




Yubico announced today that it plans to replace some hardware security keys because of a firmware flaw that reduces the randomness of the cryptographic keys generated by its devices.

Affected products include the YubiKey FIPS Series, a range of YubiKey authentication keys certified for use on US government (and other) networks in accordance with the US government's Federal Information Processing Standards (FIPS).

A power-up bug temporarily reduces the randomness of cryptographic keys

According to a security advisory issued by Yubico and released today, YubiKey FIPS Series devices running firmware versions 4.4.2 and 4.4.4 contain a bug that keeps "predictable content" in the device's data buffer after power-up.

This "predictable content" influences the randomness of the cryptographic keys generated on the device for a short time after startup, until the "predictable content" is used up and real random data is present in the buffer.

This means that for a short time after powering up YubiKey FIPS Series devices running the affected versions 4.4.2 and 4.4.4, some keys can be recovered in whole or in part, depending on the cryptographic algorithm the key is using for a particular authentication operation.

For example:

– for RSA key generation, the key can contain up to 80 predictable bits out of a minimum of 2048 bits
– for ECDSA signatures, the nonce K is strongly biased, with 80% of the 256 bits static, which weakens the signatures
– for ECC key generation, the key can contain up to 80 predictable bits out of a minimum key length of 256 bits
– for ECC encryption, 16 bits of the private key are known
– for secp256r1 private keys, the key can contain 16 predictable bits, reducing the number of unknown bits in the key from 256 to 240
– for secp384r1 private keys, the number of unknown bits in the key is reduced from 384 to 368

Yubico offers replacements

Yubico now advises owners of YubiKey FIPS Series devices to check the firmware version of their key and sign up for a replacement through the company's portal, if they have not already received one.

Yubico said customers will receive new YubiKey FIPS Series keys running the fixed firmware version 4.4.5.

Version 4.4.3 of the YubiKey FIPS Series firmware is not listed as affected because Yubico never released it, skipping from 4.4.2 to 4.4.4.

In the technical advisory released today, the company also listed some scenarios in which authentication procedures involving the YubiKey FIPS Series are likely to be affected.

For example, authentication procedures based on FIDO U2F are confirmed as affected, whereas using YubiKey FIPS Series keys with smart cards, OATH one-time passwords and OpenPGP can reduce the security of authentication procedures in certain scenarios.
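For teams that track their keys in an inventory, the firmware check described above can be scripted. The following is an added example, not code from Yubico or from the advisory; the CSV column names, the serial numbers and the sample rows are constructed, and treating versions above 4.4.5 as fixed is an assumption.

```python
import csv
import io
import re

# Versions named in this article: 4.4.2 and 4.4.4 are affected, 4.4.5 is the fix.
AFFECTED = {(4, 4, 2), (4, 4, 4)}
FIXED = (4, 4, 5)

# Constructed sample inventory; column names and serials are hypothetical.
SAMPLE_INVENTORY = """serial,model,firmware
1000001,YubiKey FIPS,4.4.2
1000002,YubiKey FIPS,4.4.4
1000003,YubiKey FIPS,4.4.5
1000004,YubiKey 4,4.4.2
1000005,YubiKey FIPS,4.4
1000006,YubiKey FIPS,4.4.3
"""

def parse_version(text):
    """Return (major, minor, patch), or None if the string is not x.y.z."""
    match = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)", text.strip())
    return tuple(int(g) for g in match.groups()) if match else None

def classify(model, firmware):
    """Map one inventory row to a triage verdict."""
    version = parse_version(firmware)
    if version is None:
        return "unknown"       # unreadable version: check the key by hand
    if "fips" not in model.lower():
        return "out-of-scope"  # the article only names the FIPS Series
    if version in AFFECTED:
        return "replace"
    if version >= FIXED:
        return "ok"            # assumption: anything from 4.4.5 up carries the fix
    return "review"            # not listed in the article (e.g. unreleased 4.4.3)

def triage(inventory_csv):
    """Return {serial: verdict} for every row of a CSV inventory."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["serial"]: classify(r["model"], r["firmware"]) for r in rows}

if __name__ == "__main__":
    for serial, verdict in triage(SAMPLE_INVENTORY).items():
        print(serial, verdict)
```

Rows that come back as "unknown" or "review" are the ones to verify on the physical key before deciding on a replacement.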

Not a big problem, but not something to ignore either

Overall, the risk that an attacker exploits this vulnerability is low, because the attacker would need to intercept authentication operations and then break the rest of the cryptographic key.

Nevertheless, it is preferable that users do not take any risk, especially if these keys are used in very sensitive networks.

Yubico is the second company in the past month to offer a replacement after finding a bug in its security keys. In May, Google recalled some Titan security keys because of a vulnerability discovered in the Bluetooth pairing protocol.
