Stolen encryption key the source of compromised certificate problem, Symantec says