Yubikey NEO OpenPGP advisory

[Jose Castillo]

> On Apr 22, 2015, at 3:07 PM, Peter Lebbing <peter at digitalbrains.com> wrote:
> 
> What does a smartcard protect against?
> 
> Leaking the private key. It protects against more copies of
> the private key material existing.
> 
> Explicitly not /usage/ of the key by unauthorized people; it
> cannot protect against that. 

The smart card offers protection against copying of the key, but it includes the PIN to protect against unauthorized use. While not as absolute as the protection against copying, the PIN is an effective second factor; in the case of NFC, which is a big use case for the Yubikey, an attacker would need to shoulder-surf the PIN, capture it with malware, or get near enough with an NFC sniffer [1] to capture the PIN while the legitimate user is entering it. 

Removing the PIN from the equation removes the protection from unauthorized use. Obtaining a fraudulent signature is as simple as hovering an NFC smartphone within range of a defective token; it will sign any data transmitted to it. And since the Yubikey is designed to live on a user’s (physical) keychain, it is not at all difficult to imagine a scenario where an attacker could gain this level of proximity without attracting attention. This is before we address the issue of lost or seized devices. 

Personally, I think that it’s unsafe to have a PGP key on an old Yubikey that exhibits this vulnerability, which is why I submitted it to the list. 

[1]: http://hydrabus.com/hydranfc-1-0-specifications/

-- 

Joey Castillo
www.joeycastillo.com