Yubico does product recall of FIPS YubiKey due to reduced entropy

Well no. With caveats.

The standard is written with the best intentions of ensuring security is maintained. There definitely are arguments for the selection of FIPS ciphers having been at least influenced by those that NIST are comfortable with, but this doesn’t 100% invalidate the underlying methods.

Things like mandating POST for crypto functions, ensuring keys are properly zeroised between states, ensuring sufficient entropy is collected prior to key generation/derivation, etc. These are all important security fundamentals that often get overlooked by device manufacturers that aren’t trying to meet the standard.

They are also currently super big into ensuring proper entropy is gathered and maintained for each of the DRBG sources. Like annoyingly into it tbh. Which gets super annoying when dealing with proprietary hardware noise sources and CPU architectures.

That said, do keep a close eye on current research into the suggested ciphers and curves because well who knows. But things like RSA, TDES and AES are publicly known algorithms and rather unlikely to be compromised as lots of private research has also gone into them.

Things like the selected ECC curves are a little more esoteric and there is some potential for them to suggest curves that are beneficial for them… but at the same time this is the shit they rely on to secure their own infrastructure and I hope they are at least somewhat beyond introducing systemic weaknesses into their own gear.
