Infineon ECDSA Private Key Recovery Customer Resources


Issue Summary

A vulnerability was discovered in Infineon’s cryptographic library, which is utilized in all YubiKey Series and Security Key Series with firmware prior to 5.7.0 and YubiHSM 2 with firmware prior to 2.4.0. The severity of the issue in Yubico devices is moderate.

An attacker could exploit this issue as part of a sophisticated and targeted attack to recover affected private keys. The attacker would need physical possession of the YubiKey, Security Key, or YubiHSM, knowledge of the accounts they want to target, and specialized equipment to perform the necessary attack. Depending on the use case, the attacker may also require additional knowledge including username, PIN, account password, or authentication key. See Affected Use Cases and Mitigations for more details. 

The moderate vulnerability primarily impacts FIDO use cases because the FIDO standard relies on the affected functionality by default. YubiKey PIV and OpenPGP applications and YubiHSM 2 usage may also be impacted depending on configuration and algorithm choices by the end user. 

As part of ongoing improvements in Yubico products and to reduce exposure to our supply chain, the dependency on Infineon’s cryptographic library has been removed in favor of Yubico’s own cryptographic library.

This support article will focus on actions affected customers can take. For more details regarding the issue and impact, see Yubico Security Advisory YSA-2024-03.

Affected Products 

YubiKey 5 Series versions prior to 5.7

YubiKey 5 FIPS Series prior to 5.7

YubiKey 5 CSPN Series prior to 5.7

YubiKey Bio Series versions prior to 5.7.2

Security Key Series all versions prior to 5.7

YubiHSM 2 versions prior to 2.4

YubiHSM 2 FIPS versions prior to 2.4

Not Affected Products

YubiKey 5 Series version 5.7.0 and newer

YubiKey 5 FIPS Series 5.7.2 and newer

YubiKey Bio Series versions 5.7.2 and newer

Security Key Series versions 5.7.0 and newer

YubiHSM 2 versions 2.4 and newer

 

Mitigations

YubiKey FIDO

Organizations can also utilize FIDO attestation controls to limit usage of impacted keys (versions prior to 5.7.0). Full AAGUID list along with firmware version is available in this AAGUID support article.

 

Authentication

To help avoid local and physical threats, users should continue to exercise due diligence when installing software on their devices and maintain control of YubiKeys. In the event of a lost or stolen YubiKey, deregister the YubiKey immediately from  services and use backup YubiKeys or authentication methods. Organizations may consider using identity provider settings to lessen session length and require more frequent FIDO authentication. Frequent usage of the YubiKey can help identify lost or stolen YubiKeys more quickly and reduce the window of exposure for attackers.

YubiKey Bio Series requires user verification on all credentials, regardless of Credential Protection level. It is possible to change this setting. Use YubiKey Manager to see what the current setting is on a YubiKey Biometric or change this setting. 

To see the current status for Require UV on a YubiKey Bio device:

ykman fido info 

To change the value for Require UV on a YubiKey Bio device:

ykman fido config toggle-always-uv

 

Attestation 

Attestation is built-in to the FIDO and WebAuthn protocols. This feature enables each relying party to use a cryptographically verified chain of trust from the device’s manufacturer to choose which security keys to trust. The primary use case for attestation is an organization enforcing requirements for FIDO certifications, manufacturer limitations, or using enterprise attestation. It is unlikely individual consumers are using this feature. 

Organizations relying on FIDO attestation to ensure genuine YubiKeys are in use may consider supplementing FIDO login with other credentials such as YubiOTP or RSA attestation statements from PIV or OpenPGP.

To get started using YubiOTP please see our YubiCloud documentation.

PIV and OpenPGP attestation statements are intended to produce cryptographic evidence that a PIV or OpenPGP certificate was generated on the YubiKey. These are signed by the attestation key for that application. By default, YubiKeys have Yubico certificates installed for both PIV and OpenPGP applications with a signature from either the Yubico PIV Root Certificate Authority or Yubico OpenPGP Root Certificate Authority

To produce a PIV attestation statement using YubiKey Manager, use the following command:

ykman piv keys attest [OPTIONS] SLOT CERTIFICATE

More information can be found in YubiKey Manager documentation

Instructions for producing an OpenPGP attestation statement using YubiKey Manager are available in YubiKey Manager documentation.

 

YubiKey PIV 

Signing

ECC PIV keys may be impacted by the Infineon ECDSA Private Key Recovery issue if they are used for signing. 

Users can mitigate by using RSA keys. To generate new PIV keys on the YubiKey, use YubiKey Manager and the following command:

ykman piv keys generate [OPTIONS] SLOT PUBLIC-KEY

More information can be found in YubiKey Manager documentation and PIV documentation.

 

Attestation

YubiKeys are all made with a PIV attestation certificate in slot f9 signed by Yubico PIV Root Certificate Authority and can be used to produce a cryptographic statement that a PIV key was created on the YubiKey. By default RSA is used for attestation. If a user has replaced the default attestation certificates with ECC keys, they may be impacted by the Infineon ECDSA Private Key Recovery issue. 

Users can mitigate by using RSA attestation certificates. To generate a new PIV attestation certificate on the YubiKey, use YubiKey Manager and the following command:

ykman piv keys generate [OPTIONS] f9 PUBLIC-KEY

More information can be found in YubiKey Manager documentation and PIV attestation feature documentation.

 

YubiKey OpenPGP

Signing

ECC OpenPGP keys may be impacted by the Infineon ECDSA Private Key Recovery issue if they are used for signing. 

Users can mitigate by using RSA or ed25519 signing keys and using OpenPGP options to require PIN for signing.

To generate a new OpenPGP key on the YubiKey, use YubiKey Manager and follow the OpenPGP walkthrough available in Yubico OpenPGP documentation.

To view the current PIN policy for your OpenPGP signing key use GnuPG to inspect the current settings for your OpenPGP key using gpg --card-edit.

Look for the Signature PIN ....: line. It will either be set to forced or not forced. If it is set to forced, a PIN will be required to sign with the key. 

To toggle the setting use gpg/card> admin to enable use of GPG admin commands, then use gpg/card> forcesig which will change the setting. If it was previously set to not forced, this will set to forced, and vice versa.

 

Attestation

YubiKeys are all made with a OpenPGP attestation certificate signed by Yubico OpenPGP Root Certificate Authority and can be used to produce a cryptographic statement that an OpenPGP key was created on the YubiKey. By default RSA is used for attestation. If a user has replaced the default attestation certificates with ECC keys, they may be impacted by the Infineon ECDSA Private Key Recovery issue. 

Users can mitigate by using RSA attestation certificates. To generate a new OpenPGP attestation certificate using something like openssl and YubiKey Manager to import a new attestation certificate:

openssl genrsa -out keypair.pem 2048

ykman openpgp certificates import [OPTIONS] att CERTIFICATE


YubiHSM

For all YubiHSM cases, the attacker would also require an authentication key that has the appropriate capabilities to perform signing actions with the affected elliptic curve key. 

There are authentication methods available on the YubiHSM 2. One is using a password and the other is using YubiHSM Auth which stores an authentication key in a YubiKey. Authenticating to a YubiHSM with either method does not rely on ECDSA and is unaffected by the issue described in YSA-2024-03. 

Users should generate their own authentication keys rather than use the default authentication keys for the YubiHSM prior to performing sensitive actions like generating or importing secrets or signing with the YubiHSM. See YubiHSM documentation for instructions for generating authentication keys.

 

Signing

ECC keys on HSMs may be impacted by the Infineon ECDSA Private Key Recovery issue if they are used for signing. 

Users can mitigate by using RSA or ed25519 signing keys. Users can use the YubiHSM SDK to generate new asymmetric keys.  

Attestation

YubiKeys are all made with a YubiHSM attestation certificate signed by Yubico HSM Root Certificate Authority and can be used to produce a cryptographic statement that an attestation key was created on the HSM. By default RSA is used for attestation. If a user is using ECC keys instead if the default attestation certificates, they may be impacted by the Infineon ECDSA Private Key Recovery issue. 

Users can mitigate by using RSA attestation certificates. For more information on attestation and how to generate new attestation certificates see the YubiHSM SDK attestation documentation.