I’ve long been a fan of dubious security manufacturers because I think it’s an absolute disservice to talk about security and then fail to deliver on it or talk down security gaps. In my opinion, the code from security companies in particular should be technically beyond reproach. But in practice it is not at all. It’s very sad, let’s just take Infineon. They already have a long history of shitty security, and even worse: of loopholes that remain “undiscovered” for years to decades and which they then talk down when they come out. Infineon likes to present itself as a smartcard expert, but customers are then left out in the cold. A more recent example was Eucleak, an attack on an Infineon library (code!!) in Series 5 Yubikeys. Once again, this vulnerability was ages old and sailed through 80 Common Criteria certifications for 14 years. Infineon was interested in selling this shit, the certifiers were interested in making money, and the authorities were interested in putting on a show to make their certifications look helpful and important. From my point of view, the opposite is true: this was a side-channel attack with which the secret key material can be extracted.
For a security token whose sole raison d’être is to protect the secret key material from access, that’s a total fucking failure, so Yubikey will have immediately recalled and replaced all the keys, right? And Infineon as the culprit will have borne the costs? Haha, none of that happened! Infineon sits in their money bin and counts the dollars, puts out a new software version and figures the rest is not their problem. Yubikey drank Infineon’s marketing koolaid and didn’t include a way to update the software because it would compromise the security of the devices. Now that the devices are compromised even without an update option, a buddy of mine has been trying to get his three Yubikeys swapped for a couple weeks. Yubikey told him: Lolnope. An attacker needs enormous criminal energy and special hardware to do that!1!!! That, ladies and gentlemen, is the state of the security industry.
The software clunkers are all terrible, but the hardware clunkers are no better on closer inspection, but hey, don’t take my word for it that this Yubikey problem is dangerous. Take it from the Austrians, who no longer allow Yubikeys with the old software for ID Austria and xIDENTITY (their electronic proof of identity for digital government transactions) because it’s too easy to extract the key. If you want to get in a bad mood, take a look at Infineon’s marketing materials on electronic ID cards.

Update: It’s even more blatant, as one reader notes: regarding the Yubikey story, it should also be noted that they are currently even so bold as to sell off their stocks of vulnerable keys instead of scrapping them. I recently ordered two of these things (the expensive FIPS version!) and what do I get? The keys with the old, vulnerable firmware. The reason for this is probably that they are initially supplying authorities and other “prioritized” customers with the keys with the new firmware.
But that way they can still make a profit with the old junk. This means that even if you just buy a new one, customers still get garbage delivered.
It was disappointing that they did not take the vulnerability seriously enough to replace affected keys. The fact that they are now selling vulnerable stock is probably illegal under consumer protection laws (if true).
The firmware version is listed on their product pages. The FIPS keys are the unpatched version 5.4, but the standard 5-keys are on the latest 5.7.
The FIPS keys, as I understand it, are designed to adhere to certain regulations for government use, and offer no security benefits over the standard keys. That is presumably why they are slower to update.
I would prefer they just offer replacements to anyone who wants one but I think their explanations make sense.
According to the researchers, any attempt to exploit this vulnerability would require significant resources and knowledge. The attacker would need physical possession of the YubiKey, Security Key, or YubiHSM, knowledge of the accounts they want to target, and specialized equipment to perform the necessary attack.
[…]
As this risk has been rated as “moderate” according to the Common Vulnerability Scoring System (CVSS) and as maintaining possession of your YubiKey and deregistering it promptly if it is lost or stolen can effectively mitigate this risk, we do not have an active key replacement program.
Frankly, that is a bullshit explanation from Yubico. This vulnerability fundamentally undermines the guarantees which a YubiKey is designed to provide (i.e. it no longer functions as advertised). It should not be unreasonable to expect Yubico to voluntarily replace vulnerable keys or to be legally required to do so. After all, this would be a non-issue if they took the universal approach to security of patching vulnerable software.
I don’t buy that. The attacker needs to have physical control of your device and even then “a successful attack cannot be accomplished at will” according to NIST. Not only that but you can de-register your device, if you do lose physical control of it to mitigate the attack.
I don’t think a “moderate” threat with an Exploitability Subscore of 0.5 is worth pulling the pitchforks out over.
I feel like we are looking at it from the perspective of two distinct guarantees a YubiKey provides.
One of those is phishing resistance, but the reality is that you could achieve equally robust phishing protection with software-based passkeys or other public-key cryptography.
Having hardware-backed security is another one of those guarantees, and is the reason one purchases a YubiKey over a software solution. Take the HSM module for example, it is affected by the same vulnerability and in that case it may be more obvious that protecting the private keys is a core function. It may not matter to everyone’s threat model but for some people it does. At this point I would be better off trusting my Pixel’s Titan M2 chip to protect my private keys rather than my dedicated hardware-security key.
Honestly, I wouldn’t be so pissed if it weren’t for their absurd refusal to allow firmware updates. Even if having upgradeable firmware was a security risk (it isn’t), they could offer a model for customers willing to take that ‘risk’. Of course, that will never happen because this way they drive recurring revenue when customers are forced to upgrade after vulnerabilities like this one.
I just tend to believe, considering the complexity of the vulnerability, that people that would likely be targeted with it are not keeping old yubikeys in use anyway but I see your point.
No disagreements here. It’s a load of shit they don’t have upgradeable firmware.
Given this, what are the alternatives? From my understanding we have the google titan, which doesn’t allow you to delete passkeys once you’ve created them, and the nitrokey, who has been called out by the graphene devs for spreading misinformation.
YubiKeys are unfortunately still the best option, just make sure you are buying a key with firmware version 5.7 or later. They support the most modern CTAP versions which for example enable the key itself to require a FIDO2 PIN be used.
The simplest alternative is to just buy a new yubikey with the most recent firmware. I do think, in this situation, it’s worth evaluating your threat model before making a change. The vulnerability is extremely hard to exploit and easily mitigated. It seems unlikely most people’s threat model would even make them a target for this type of exploit.
I agree. As absurd as this is from a ‘security’ company, most people won’t be able to and maybe even shouldn’t replace their keys. That being said, Yubico doesn’t deserve a pass, and they need to do better in the future. This situation has certainly left me rooting for their competitors to catch up.