Wired: YubiKeys Are a Security Gold Standard—but They Can Be Cloned

Source URL: https://arstechnica.com/security/2024/09/yubikeys-are-vulnerable-to-cloning-attacks-thanks-to-newly-discovered-side-channel/
Source: Wired
Title: YubiKeys Are a Security Gold Standard—but They Can Be Cloned

Feedly Summary: Security researchers have discovered a cryptographic flaw that leaves the YubiKey 5 vulnerable to attack.

AI Summary and Description: Yes

Summary: The text discusses a critical vulnerability in the YubiKey 5 hardware token due to a side-channel flaw in its cryptographic implementation, which can lead to cloning if an attacker gains physical access to the device. This issue raises significant concerns regarding the security of various authentication devices using similar microcontrollers.

Detailed Description:
– The YubiKey 5 series, which is widely used for two-factor authentication (2FA) based on FIDO standards, has been found to have a cryptographic flaw that could allow an attacker to clone the device upon gaining temporary physical access.
– This vulnerability, demonstrated by security firm NinjaLab, is attributed to a side-channel attack stemming from a defect in a small microcontroller common to many authentication devices, including smartcards employed in banking and secure access areas.
– Key points discussed in the advisory include:
  – All YubiKey 5 models are confirmed to be vulnerable, particularly if they are running firmware prior to version 5.7, which addresses the vulnerability by replacing the Infineon cryptolibrary with a custom one.
  – Unfortunately, affected devices cannot be patched, leaving them permanently vulnerable.
  – Attackers would need physical possession of the YubiKey, additional information such as usernames and passwords, and specialized equipment to execute the attack.
  – The vulnerability arises from the failure of the Infineon cryptolibrary to fully implement the constant-time operations necessary to prevent timing attacks, which can reveal cryptographic secrets during operations.
  – The specific flaw lies in the Extended Euclidean Algorithm (EEA), which is used to compute modular inverses, thereby exposing the ephemeral ECDSA keys.
  – The detailed analysis indicates that the vulnerability has existed for over 14 years across multiple products relying on Infineon’s ECDSA, raising significant concerns about the long-term security of certified devices that passed evaluations over this period.
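The following Python illustration is an added example, not code from the Wired/Ars Technica article, from NinjaLab, or from Yubico or Infineon. It shows the property the advisory points at: a textbook Extended Euclidean Algorithm takes a number of loop iterations that depends on the value being inverted (here standing in for an ECDSA ephemeral key), while a fixed-length exponentiation ladder based on Fermat's little theorem always performs the same number of steps regardless of the secret. The modulus is the order of the NIST P-256 group, chosen here only as a realistic prime; the article does not name the affected curve. Python big-integer arithmetic is itself not constant-time, so the example demonstrates the control-flow and iteration-count leak and its removal, not a hardened production implementation.

```python
import random

# Order n of the NIST P-256 group (a prime); used here as a realistic stand-in
# for the modulus in which ECDSA computes k^-1 during signing.
P256_ORDER = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551


def eea_inverse(a: int, m: int) -> tuple[int, int]:
    """Textbook Extended Euclidean inverse.

    Returns (a^-1 mod m, number of loop iterations). The iteration count,
    and the quotients inside each iteration, depend on the secret input a,
    which is exactly what a timing side channel can observe.
    """
    r0, r1 = m, a % m
    s0, s1 = 0, 1
    steps = 0
    while r1 != 0:
        q = r0 // r1
        r0, r1 = r1, r0 - q * r1
        s0, s1 = s1, s0 - q * s1
        steps += 1
    if r0 != 1:
        raise ValueError("input is not invertible modulo m")
    return s0 % m, steps


def fixed_ladder_inverse(a: int, p: int) -> tuple[int, int]:
    """Fermat inverse a^(p-2) mod p via a left-to-right square-and-multiply ladder.

    The exponent is the public constant p-2, so the number of iterations and
    the operations performed in each one depend only on p, never on a. The
    multiply result is selected arithmetically rather than with a branch.
    Returns (a^-1 mod p, number of loop iterations).
    """
    exponent = p - 2
    result = 1
    base = a % p
    steps = 0
    for i in range(exponent.bit_length() - 1, -1, -1):
        result = result * result % p
        multiplied = result * base % p
        bit = (exponent >> i) & 1
        # Arithmetic select: both candidates are computed on every iteration.
        result = bit * multiplied + (1 - bit) * result
        steps += 1
    return result, steps


def compare_step_counts(nonces: list[int], p: int = P256_ORDER) -> dict:
    """Invert each constructed nonce both ways and summarise the iteration counts."""
    eea_steps = []
    ladder_steps = []
    for k in nonces:
        inv_eea, n_eea = eea_inverse(k, p)
        inv_ladder, n_ladder = fixed_ladder_inverse(k, p)
        assert inv_eea == inv_ladder and (k * inv_eea) % p == 1
        eea_steps.append(n_eea)
        ladder_steps.append(n_ladder)
    return {
        "eea_min": min(eea_steps),
        "eea_max": max(eea_steps),
        "ladder_unique_counts": sorted(set(ladder_steps)),
    }


def constructed_nonces(count: int = 32, seed: int = 7) -> list[int]:
    """Constructed sample of ephemeral-key-sized values (deterministic for the demo)."""
    rng = random.Random(seed)
    # Include small edge-case values alongside full-size random ones.
    return [1, 2, 3] + [rng.randrange(1, P256_ORDER) for _ in range(count)]


if __name__ == "__main__":
    summary = compare_step_counts(constructed_nonces())
    print("EEA iterations vary with the secret:", summary["eea_min"], "to", summary["eea_max"])
    print("Fixed ladder iterations for every input:", summary["ladder_unique_counts"])
```

Running the module prints the spread of EEA iteration counts over the sample and the single iteration count the ladder uses for every input. The defensive lesson matches the advisory: a library whose modular inverse has input-dependent control flow gives an attacker with physical access an observable that correlates with the ephemeral key, and the fix is an inversion routine whose work is a function of public parameters only.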

This incident underscores the crucial need for rigorous security evaluations, ongoing monitoring for vulnerabilities in widely-used components, and the implementation of robust cryptographic practices among all manufacturers involved in authentication technologies. Security professionals must remain vigilant against potential exploits and encourage rapid adoption of firmware updates to mitigate such vulnerabilities.