Hi,
Recently a vulnerability in a firmware library used by multiple
hardware vendors has been discovered. This vulnerability makes RSA keys
generated on those hardware chips much easier to factorize. One of the
devices affected is the YubiKey 4 family dongle (YubiKey 4, 4 Nano and
4C).
Advisory
On Mon, 2017-10-16 at 21:06 +0200, Christian Seiler wrote:
> Unfortunately, as far as I understand it, there's no easy method for
> detecting these kinds of broken keys without actually attempting to
> factorize them - and while that's feasible (hence the vulnerability)
> it is still quite
On Mon, Oct 16, 2017 at 09:13:19PM +0200, Yves-Alexis Perez wrote:
> On Mon, 2017-10-16 at 21:06 +0200, Christian Seiler wrote:
> > Unfortunately, as far as I understand it, there's no easy method for
> > detecting these kinds of broken keys without actually attempting to
> > factorize them - and
On 10/16/2017 09:13 PM, Yves-Alexis Perez wrote:
> On Mon, 2017-10-16 at 21:06 +0200, Christian Seiler wrote:
>> Unfortunately, as far as I understand it, there's no easy method for
>> detecting these kinds of broken keys without actually attempting to
>> factorize them - and while that's feasible
What I would like to know is whether other keycards, like the Nitrokey
Start, FST-01 or the Zeitcontrol smartcards, are affected.
I suspect only the Nitrokey PRO and Zeitcontrol cards *could* be
affected (and may not be, since i heard noises about gemalto *not* using
those routines) but I don't
5 matches
Mail list logo