Dan Goodin

The YubiKey 5, the most widely used hardware token for two-factor authentication based on the FIDO standard, contains a cryptographic flaw that makes the finger-size device vulnerable to cloning when an attacker gains brief physical access to it, researchers said Tuesday.

The cryptographic flaw, known as a side channel, resides in a small microcontroller that’s used in a vast number of other authentication devices, including smartcards used in banking, electronic passports, and the accessing of secure areas. While the researchers have confirmed all YubiKey 5 series models can be cloned, they haven’t tested other devices using the microcontroller, which is SLE78 made by Infineon and successor microcontrollers known as the Infineon Optiga Trust M and the Infineon Optiga TPM. The researchers suspect that any device using any of these three microcontrollers and the Infineon cryptographic library contains the same vulnerability.

arstechnica.com/security/2024/

6 comments
Jim P.

@dangoodin It's significant, sure, but I'm skeptical of using the term "brief" when it also requires (carefully) removing the current device housing, running the attack with phished credentials against a service that wouldn't rate limit such attempts, and then replacing it with a new housing as well.

I suppose someone who might be a potential target could take some extra physical security steps to make tampering evident, like encasing it in a custom color of liquid+cured resin.

Ugljesa Jovanovic

@dangoodin "To uncover the side channel, the researchers reverse-engineered the Infineon cryptographic library, a heavily fortified collection of code that the manufacturer takes great pains to keep confidential." Security through obscurity. If I remember correctly, Tropic Square commented on this when they were launching their effort to develop an open and transparent security chip. I'll try to find that blog post.

Ugljesa Jovanovic

@dangoodin Here it is blog.trezor.io/introducing-tro the chapter I am referring to is "Our Dive into Secure Element, NDA chips and how we broke them"

wetfeet2000

@dangoodin I'm generally not a big fan of freaking out over side channel attacks. In particular I get irked when they frame it as "oh you just need physical access for a few minutes!" I did training on this for PCI device certification and it required $100k+ worth of equipment and lots of custom automation to perform that analysis. No one is carting around a Xeon workstation, high-bandwidth SDR, and antennas to do this to you on the street.

Lasagne

@dangoodin
Nice.
Confidentiality of the firmware should be punished.

Do I really have to read the entire PDF to know if "ECDSA" includes ed25519 or not?
