A recent breakthrough by French cybersecurity researchers has exposed a side-channel vulnerability in YubiKey 5 Series security keys. This attack demonstrates that even the most secure hardware, which is designed to protect online accounts using two-factor authentication (2FA), can be compromised under the right conditions.

Overview of the Side-Channel Attack

YubiKeys, often praised for their robust security, rely on the Elliptic Curve Digital Signature Algorithm (ECDSA) for their digital signatures. The Infineon SLE78 microcontroller, which powers these devices, was thought to be secure following its numerous certifications, including from the Common Criteria for Information Technology Security Evaluation. However, a vulnerability hidden for over a decade has now been uncovered in the Extended Euclidean Algorithm (EEA) used during signing. The vulnerability is a timing leakage during the modular inversion operation. A physical attacker can collect electromagnetic (EM) signals emitted during the cryptographic process to extract secret keys from the device, allowing them to create a clone of the YubiKey.

The researchers behind the attack—dubbed EUCLEAK—used side-channel analysis, a method that leverages the emissions or power consumption of the device to extract cryptographic secrets. To launch the attack, the researchers needed direct physical access to the YubiKey. Using precise tools, they could measure the time taken during specific operations, identify the side-channel leakage, and reverse-engineer the secret key.

Impact on Devices and Systems

This attack isn’t limited to the YubiKey 5 Series. Any Infineon microcontroller using this ECDSA implementation, such as those in smart cards, electronic passports, cryptocurrency wallets, and even secure elements in smart homes or cars, could be vulnerable. All YubiKey 5 Series devices running firmware versions before 5.7 are susceptible to this attack.

Despite the gravity of the discovery, the attack requires advanced skills, specialized equipment, and physical access to the device, making widespread abuse unlikely. Nevertheless, this research highlights how even well-regarded secure systems can have hidden vulnerabilities. Importantly, Yubico, Infineon, and other stakeholders have been notified, and patches have been implemented in newer firmware updates.

The Attack in Detail

The core of the attack revolves around the non-constant time nature of the modular inversion operation in the ECDSA algorithm. Specifically, the researchers found that during this inversion process, the time taken by the YubiKey to complete the operation varied, depending on the values being processed. This allowed them to deduce parts of the secret key through careful observation. By capturing multiple EM traces over a few minutes, they could extract enough data to reconstruct the full key.

One key point is that the nonce (a random value used once per signature) was not adequately protected during its inversion. By exploiting this weakness, the researchers could reverse-engineer the YubiKey’s cryptographic operations, enabling them to clone the device.
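The sketch below is an added example, not code from NinjaLab, Infineon or Yubico. It shows why a Euclidean inversion leaks: its loop count changes with the value being inverted, while two generic countermeasures (fixed-length Fermat exponentiation and multiplicative blinding) remove that dependence on the nonce. The P-256 group order, the function names and the use of loop counts as a stand-in for timing are assumptions; the page does not say which countermeasure firmware 5.7 uses.

```python
import secrets

# Order of the NIST P-256 group, a public prime. Assumption: the page names no curve.
N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551

def eea_inverse(k, n=N):
    """Extended Euclidean inversion. Returns (k^-1 mod n, loop iterations)."""
    r0, r1, t0, t1, steps = n, k % n, 0, 1, 0
    while r1:                          # iteration count depends on the secret k
        q = r0 // r1
        r0, r1 = r1, r0 - q * r1
        t0, t1 = t1, t0 - q * t1
        steps += 1
    if r0 != 1:
        raise ValueError("k is not invertible modulo n")
    return t0 % n, steps

def fermat_inverse(k, n=N):
    """k^(n-2) mod prime n, square-and-multiply-always. Returns (inverse, ops)."""
    e, acc, ops = n - 2, 1, 0
    for i in reversed(range(e.bit_length())):
        acc = acc * acc % n
        prod = acc * k % n             # computed for every bit, used only if bit set
        acc = prod if (e >> i) & 1 else acc
        ops += 2                       # count depends only on the public modulus
    return acc, ops

def blinded_eea_inverse(k, n=N):
    """Multiplicative blinding: invert k*m for a fresh random m, then unblind."""
    m = secrets.randbelow(n - 1) + 1   # uniform in [1, n-1]
    inv_km, steps = eea_inverse(k * m % n, n)
    return inv_km * m % n, steps       # steps now track k*m, not k

def step_counts(invert, nonces):
    """Distinct operation counts an observer could tell apart for these inputs."""
    return {invert(k)[1] for k in nonces}

if __name__ == "__main__":
    nonces = [1, 2, 3, N - 1] + [secrets.randbelow(N - 1) + 1 for _ in range(4)]  # constructed
    print("EEA iteration counts:   ", sorted(step_counts(eea_inverse, nonces)))
    print("Fermat operation counts:", sorted(step_counts(fermat_inverse, nonces)))
    # Python big integers are not constant-time; counts model the firmware's loop only.
```

On real hardware the fixed operation count is only the first requirement: each multiplication and the conditional select must also run in data-independent time.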

Mitigation and Next Steps

Although the YubiKey 5 Series vulnerability is alarming, the attack still requires specific conditions, such as physical access to the device and expensive equipment. For most users, the YubiKey remains a secure option, especially compared to traditional password-based authentication. Still, users should ensure their devices are running the latest firmware and consider physical security measures.

Infineon has already addressed the vulnerability in its cryptographic library, and Yubico has rolled out a firmware update (version 5.7) that protects YubiKeys from this attack. The research team, NinjaLab, has also shared their findings with other affected vendors to ensure broader protection across devices using Infineon’s microcontrollers.

In conclusion, while the EUCLEAK attack raises important questions about hardware security, it also emphasizes the importance of continuous vigilance and updates in the cybersecurity world.


Sources:

  1. NinjaLab Report on YubiKey Vulnerabilities
  2. Developpez Article