Physical security keys, like those sold by Yubico, Thetis and Kensington, are a great way to lock down your digital lives. They also tend to be wicked fast compared to the wait you have to put on while you're waiting for a 2FA password to arrive via SMS or typing in a verification code from an app like Google Authenticator.
Unless of course said security key is deeply, deeply borked.
Yubico is recalling a line of security keys used by the U.S. government due to a firmware flaw. The company issued a security advisory today that warned of an issue in YubiKey FIPS Series devices with firmware versions 4.4.2 and 4.4.4 that reduced the randomness of the cryptographic keys it generates. The security keys are used by thousands of federal employees on a daily basis, letting them securely log-on to their devices by issuing one-time passwords.
The problem in question occurs after the security key powers up. According to Yubico, a bug keeps "some predictable content" inside the device's data buffer that could impact the randomness of the keys generated. Security keys with ECDSA signatures are in particular danger. A total of 80 of the 256 bits generated by the key remain static, meaning an attacker who gains access to several signatures could recreate the private key.
If someone reading this can school me on why anyone working at Yubico would think that keeping 'predictable content' on a device meant to secure highly-sensitive governmental systems and information, I'd appreciate it. Read the rest