On Oct 31, 2017, at 8:10 PM, murphy <mac3...@gmail.com> wrote:
> I got a signed notification from Facebook (good signature, enigmail)
> that claims my GnuPG generated public key has a "recently disclosed
> vulnerability". This is the full text:
>
> We have detected that the OpenPGP key on your Facebook profile may be
> susceptible to attacks due to a recently disclosed vulnerability. We
> recommend that you revoke and replace your public key immediately to
> minimize the risk to your encrypted communications. You can update your
> public key by visiting your Security and Login settings. To help reduce
> the risk of your key being attacked, we have set the privacy of your
> potentially vulnerable public key on your profile to "Only Me" to limit
> further distribution. We will continue to encrypt your notification
> emails using this OpenPGP public key.
>
> This is doubly weird since the private/public key was generated on a
> Yubikey-4 nano and it is safe at home. Does anyone know what this may
> be about?
Recently, a flaw in the firmware for some Infineon hardware crypto was found.
RSA keys that were generated with this faulty firmware are not nearly as strong
as their key length would imply.

You mention a Yubikey 4 nano, and unfortunately, that is one of the devices
that used Infineon components. In the case of a Yubikey and OpenPGP, if you
generate the key *on* a vulnerable Yubikey, you may have a problem. If you
generate the OpenPGP key elsewhere and *import* the key to your Yubikey, you
are not affected.

The Yubico people have a site up to check your device serial number to see if
it is vulnerable and are offering a replacement program. See

There has been some discussion of the implications of this vulnerability on
this list. Search the list archives for "ROCA" to see more.

The original paper is at https://crocs.fi.muni.cz/public/papers/rsa_ccs17
Gnupg-users mailing list
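
Added example, not part of the original message or of any tool named in it: a Python sketch of why a service can flag a key from the public half alone. It relies on the structure described in the ROCA paper, where affected primes have the form k*M + (65537^a mod M) with M a product of small primes, so the modulus always lands in the subgroup generated by 65537 modulo each of those primes. The function names, the subset of check primes and both sample numbers are assumptions constructed for this illustration.

```python
# Added example: tests an RSA public modulus for the residue pattern left by
# factors of the form k*M + (65537**a mod M). All sample values are constructed.
import math

GENERATOR = 65537
# Small primes that divide the primorial M. Assumption: this subset is enough
# for a demonstration; a modulus without the structure rarely passes them all.
CHECK_PRIMES = [11, 13, 17, 19, 37, 53, 61, 71, 73, 79,
                97, 103, 107, 109, 127, 151, 157]


def subgroup(prime):
    """All powers of GENERATOR modulo `prime`: the residues a flawed key can show."""
    seen, value = set(), 1
    while value not in seen:
        seen.add(value)
        value = value * GENERATOR % prime
    return seen


ALLOWED = {p: subgroup(p) for p in CHECK_PRIMES}


def has_roca_fingerprint(modulus):
    """True if `modulus` lies in the 65537-subgroup for every check prime."""
    return all(modulus % p in ALLOWED[p] for p in CHECK_PRIMES)


def primorial(limit):
    """Product of all primes <= limit."""
    return math.prod(p for p in range(2, limit + 1)
                     if all(p % d for d in range(2, math.isqrt(p) + 1)))


def structured_factor(k, a, m):
    """Constructed number shaped like a flawed prime; primality is not checked."""
    return k * m + pow(GENERATOR, a, m)


M = primorial(167)  # product of the first 39 primes, chosen for the sample
# Constructed sample with the flawed structure (not a real key).
STRUCTURED = structured_factor(12345, 1001, M) * structured_factor(67891, 2002, M)
# Constructed sample without it: product of the Mersenne primes below.
UNSTRUCTURED = (2**127 - 1) * (2**89 - 1)

if __name__ == "__main__":
    print("structured sample flagged:  ", has_roca_fingerprint(STRUCTURED))
    print("unstructured sample flagged:", has_roca_fingerprint(UNSTRUCTURED))
```

A positive result only says the modulus matches the pattern; the device serial number check mentioned in the reply remains the way to confirm affected hardware.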