YubiHSM 1 Security Advisory

A security review has revealed two methods to decrypt AES-CCM encrypted data (so-called AEADs) if an attacker has live (remote) access to an unlocked YubiHSM 1, under some valid configurations. The methods have not been documented and may be unexpected for those unfamiliar with how AES-CCM works. This document describes the two methods and suggests workarounds.

Date Published: January, 2012

Applies To: YubiHSM 1