Yahoo private key in the field

End of May, Yahoo issued new browser AXIS and its extensions for Chrome and Firefox.  As usual, the extensions were signed.  Unfortunately, Yahoo made a mistake.  On 23rd May, security researcher Nik Cubrilovic disclosed that the private key used to sign the applet was present in the applet!

Private keys should never be published.  They are the secret part and the root of trust.  You sign the applet with your private key to prove that you’re the originator.  Any principal who has your public key can check whether the signature is valid.  Thus, you should never disclose your private key.  If an attacker has your private key, she can impersonate you.  This means that, with the Yahoo private key, you can sign any piece of software and pretend it to be issued by Yahoo.  A perfect tool for malicious applets!

Yahoo quickly released a new version using a different signing key and published the corresponding certificate.  Yahoo will revoke the leaked key.

It is difficult to understand how such a mistake could happen.  There are at least two errors:

  • The developer(s) who wrote the applet was not understanding what a signature is.  There is no rationale why a private key should be in the code.
  • The signing private key was available in the clear to developer.  Good practice is to have the private key in a hardware secure module (HSM), such as a smart card. The module performs the signature thus the private key does never leave the module.

Law 6:  You are the weakest link.  Once more, a human error.

One thought on “Yahoo private key in the field

  1. Pingback: Malware signed by Adobe » The blog of content protection

Leave a Reply

Your email address will not be published. Required fields are marked *