Yubikey NEO OpenPGP advisory

[Andreas Schwier]

Thanks for sharing.

I guess this once again shows that writing security sensitive software
is not about just hacking some lines of code, it's about putting
together a good (or better semi-formal) functional requirements
specification and a test framework that validates the correct
implementation of the defined mechanisms. With a proper test set-up -
which is relatively easy to do for a smart card application - this
should not have happened.

And contrary to the Yubico position that this is a minor issue, I would
call the circumvention of the PIN mechanism a major issue. If you loose
the device, then you loose the key.

Andreas

On 04/21/2015 07:48 PM, Jose Castillo wrote:
> I haven’t seen this posted to the list yet, and thought it would be important for people who use the Yubikey NEO's OpenPGP functionality with GnuPG. It regards a vulnerability in the Yubikey NEO implementation of the OpenPGP smart card application: 
> 
> https://developers.yubico.com/ykneo-openpgp/SecurityAdvisory%202015-04-14.html
> 
> Yubikeys running the vulnerable software will generate signatures and decrypt session keys unconditionally, i.e. without verifying the user’s PIN. I reported this vulnerability to Yubico on 4/11, and to their credit it was quickly fixed. Still, if you are using a Yubikey that you obtained prior to the fix being issued, you should be aware that this vulnerability could affect your security. 
> 
> This issue also affected the upstream javacardopenpgp project [1], which has been updated with a fix as well. 
> 
> [1]: http://sourceforge.net/projects/javacardopenpgp/
> 


-- 

    ---------    CardContact Software & System Consulting
   |.##> <##.|   Andreas Schwier
   |#       #|   Schülerweg 38
   |#       #|   32429 Minden, Germany
   |'##> <##'|   Phone +49 571 56149
    ---------    http://www.cardcontact.de
                 http://www.tscons.de
                 http://www.openscdp.org
                 http://www.smartcard-hsm.com