Not logged in » Login
Apr 26 2015

Vulnerability in Potential Christmas Gift


In December 2014, we introduced YubiKey NEO, a USB stick that serves as an OTP generator in two-factor authentication scenarios and relies on standards propagated by the FIDO Alliance. According to a recent announcement from manufacturer Yubico, the product suffers from a rather odd security flaw.

Secure multi-factor authentication and single sign-on are key parts of every security infrastructure that deserves the name. The problem with such solutions is that most of them are proprietary, require additional hard- and software, and call for explicit user interaction – all of which are factors that make them complicated and uncomfortable to use. Against this backdrop, the YubiKey NEO seemed like the proverbial Swiss Army knife for authentication purposes. In addition, the device may be used like a regular SmartCard that supports file encryption/decryption and digital signatures based on OpenPGP. In these latter scenarios, PIN verification is required for proper use.

In a security advisory first released in mid-April, the California-based manufacturer Yubico Inc. now warns against a "logical flaw" contained in the code that rules the verification process. The bug essentially enables attackers to bypass verification if they can manage to gain local host privileges and/or get close enough to the device's built-in NFC module. They can then perform security operations without the user's knowledge.

More specifically, the vulnerability appears to be the result of a simple typo. According to security researcher Joey Castillo, it resides "in the first line of the computeDigitalSignature, decipher and internalAuthenticate methods." And he adds: "The goal of each is to establish that the PW1 has been validated, AND the proper mode has been set (mode 81 for signing, mode 82 for everything else). According to the spec, if either of these conditions are (sic!) not satisfied, the security operation should not proceed. [...] The dire case [occurs] when the card is powered up, the PIN has not been validated, and both modes are set to false. In this state, the card will issue a signature even though the PIN has not been validated." Another flaw verifies a PIN for signing under inappropriate conditions, i.e. at points in time when no signature should be generated. However, the authentication and SSO functionalities appear to be unaffected at the time of writing.

Even though this looks like a comparatively serious bug, Yubico assures users that "its practical consequences are relatively small" since potential adversaries would have to have root access (or be able to perform certain privileged operations) to mount a successful attack. To further mitigate the risk, Yubico has issued an updated version (1.0.10) of the affected OpenPGP applet and will issue replacements for affected YubiKeys. For more information, see the manufacturer's security advisory along with this report from NetworkWorld. You may also want to keep tabs on the vulnerability using the following tracking IDs: CVE-2015-3298; YSA-2015-1.


Comments on this article

No comments yet.

Please Login to leave a comment.


Please login

Please log in with your Fujitsu Partner Account.


» Forgot password

Register now

If you do not have a Fujitsu Partner Account, please register for a new account.

» Register now