Yubikey NEO OpenPGP advisory

Peter Lebbing peter at digitalbrains.com
Wed Apr 22 21:07:59 CEST 2015

On 22/04/15 20:27, Andreas Schwier wrote:
> I would consider this a major bug, in particular if I purchase a device
> to get this specific kind of protection.

I think it's a major bug, I'm not completely satisfied with the way they
downplay the importance. I kinda agree with them, but it still leaves me
feeling a bit dissatisfied.

But apropos, what kind of protection did you buy it for then? I'm unsure
what you mean by "this specific kind of protection".

What does a smartcard protect against?

Leaking the private key. It protects against more copies of the private
key material existing.

Explicitly not /usage/ of the key by unauthorized people; it cannot
protect against that. There are many threat models where an attacker
gains use of the key.

This PIN handling bug still does not allow an attacker to extract secret
key material.

Furthermore, I see a lot of different scenarios chucked together:
malware, actual loss of the smartcard. The discussion quickly becomes
weird when everybody keeps on moving the goal posts. Please try to keep
this in mind.

> Imagine a bank, SIM or electronic signature card with a malfunctioning
> PIN. Would you consider that a minor bug ?

Bank cards and SIMs each have such a different way of using them than an
OpenPGP card (which is an electronic signature card) that I can't
compare them.

Bank cards only go in terminals at shops or ATM's, not your own PC. They
also have a host of issues themselves, which indeed includes complete
failure to check the PIN. Yet they are not fixed; it's all just papered
over and denied by the banks. At the 31C3 there was a talk about
defending yourself when your bank tries to make you pay for misuse of a
stolen card.

And SIMs just need to hold off access until I've notified my mobile
phone provider that my card has been stolen. After that, the SIM is useless.

It's all so different that it's useless to compare.


I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>

More information about the Gnupg-users mailing list