Security researchers have uncovered a significant vulnerability in YubiKeys, specifically the YubiKey 5 Series. Exploited through a side-channel attack, it allows attackers to clone these devices by extracting the secret keys stored within them.
The attack exploits a flaw in the Infineon cryptographic library used in the secure elements of these devices, which are widely regarded as robust authentication tools.
The vulnerability, termed “EUCLEAK,” was discovered by NinjaLab researchers, who found that the Infineon Elliptic Curve Digital Signature Algorithm (ECDSA) implementation in YubiKey 5 Series is susceptible to side-channel attacks. The attack targets the non-constant-time modular inversion operation within the ECDSA, allowing attackers to extract the secret key used for cryptographic operations.
How the Attack Works
- Side-Channel Exploitation: The attack requires physical access to the YubiKey device. By using electromagnetic (EM) side-channel measurements, attackers can capture the cryptographic operations performed by the device. This process involves placing an EM probe near the device to record the signals emitted during ECDSA computations.
- Modular Inversion Vulnerability: The core of the attack lies in the modular inversion step of the ECDSA, where the nonce (a random number used once per signature) is inverted. The Infineon implementation does not perform this operation in constant time, leading to timing leaks that can be exploited to recover the nonce.
- Key Recovery: Once the nonce is recovered, the attacker can compute the private key using the known ECDSA signature and public key. This allows the attacker to clone the YubiKey, effectively bypassing its security.
The vulnerability affects all YubiKey 5 Series devices with firmware versions below 5.7. These devices are commonly used for two-factor authentication (2FA) and other security-critical applications.
The attack also extends to other products using Infineon’s cryptographic library, including some Trusted Platform Modules (TPMs) and potentially other secure systems like electronic passports and cryptocurrency hardware wallets.
Mitigation and Recommendations
Yubico has acknowledged the vulnerability in Infineon’s cryptographic library, which is used in the YubiKey 5 Series and Security Key Series with firmware versions prior to 5.7.0, as well as in YubiHSM 2 with firmware versions prior to 2.4.0.
“An attacker could exploit this issue as part of a sophisticated and targeted attack to recover affected private keys. The attacker would need physical possession of the YubiKey, Security Key, or YubiHSM, knowledge of the accounts they want to target, and specialized equipment to perform the necessary attack,” Yubico said.
| Not Affected Products | Affected Products |
|---|---|
| YubiKey 5 Series version 5.7.0 and newer | YubiKey 5 Series versions prior to 5.7 |
| YubiKey 5 FIPS Series 5.7 and newer (FIPS submission in process) | YubiKey 5 FIPS Series prior to 5.7 |
| YubiKey Bio Series versions 5.7.2 and newer | YubiKey 5 CSPN Series prior to 5.7 |
| Security Key Series versions 5.7.0 and newer | YubiKey Bio Series versions prior to 5.7.2 |
| YubiHSM 2 versions 2.4.0 and newer | Security Key Series all versions prior to 5.7 |
| YubiHSM 2 FIPS versions 2.4.0 and newer | YubiHSM 2 versions prior to 2.4.0 |
| | YubiHSM 2 FIPS versions prior to 2.4.0 |
How to Check the Version of the YubiKey
Using the Yubico Authenticator, you can determine the YubiKey model and version. The upper left corner of the Home screen displays the key’s series and model. In this example, the YubiKey is identified as a YubiKey 5C NFC with a version of 5.7.0.
For users currently using vulnerable YubiKeys, it is recommended to:
- Continue Using YubiKeys: Despite the vulnerability, using YubiKeys is still safer than relying solely on passwords for authentication.
- Monitor for Clones: Implement monitoring mechanisms to detect cloned devices, such as checking for unusual authentication activities.
- Consider Alternatives: Where possible, use cryptographic algorithms that do not rely on vulnerable operations or switch to updated devices.
The discovery of the EUCLEAK vulnerability underscores the importance of constant-time cryptographic implementations to prevent side-channel attacks. While the attack requires physical access and sophisticated equipment, it highlights potential risks in widely used security devices.
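To make the constant-time point concrete, the following added example (not code from Infineon, Yubico or NinjaLab) contrasts an extended Euclidean inversion, whose loop count changes with the nonce, against a Fermat-style inversion whose operation schedule is fixed by the public modulus. It assumes the NIST P-256 group order as the modulus; the function names and sample nonces are constructed for illustration, and Python's big-integer arithmetic is itself not constant-time, so only the operation count is modelled.

```python
# Added illustration: not Infineon's or Yubico's code; function names are hypothetical.
# N is the public group order of NIST P-256, used here as the ECDSA modulus.
N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551

def euclid_inverse(k, n=N):
    """Extended Euclidean inversion; returns (k^-1 mod n, loop iterations)."""
    if not 0 < k < n:
        raise ValueError("nonce must satisfy 0 < k < n")
    r0, r1, t0, t1, steps = n, k, 0, 1, 0
    while r1:                      # iteration count depends on the secret k
        q = r0 // r1
        r0, r1 = r1, r0 - q * r1
        t0, t1 = t1, t0 - q * t1
        steps += 1
    return t0 % n, steps

def fermat_inverse(k, n=N):
    """k^(n-2) mod n for prime n; returns (k^-1 mod n, loop iterations)."""
    if not 0 < k < n:
        raise ValueError("nonce must satisfy 0 < k < n")
    e, result, steps = n - 2, 1, 0
    for i in reversed(range(e.bit_length())):
        result = result * result % n
        if (e >> i) & 1:           # branches on the public exponent only
            result = result * k % n
        steps += 1
    return result, steps

# Constructed sample nonces (not real signature data).
SAMPLE_NONCES = [1, 2, 0x1234567890ABCDEF, int.from_bytes(b"\xa5" * 32, "big"), N - 1]

def profile(nonces=SAMPLE_NONCES):
    """Per nonce: (Euclid iterations, Fermat iterations); checks both inverses."""
    rows = []
    for k in nonces:
        inv_e, steps_e = euclid_inverse(k)
        inv_f, steps_f = fermat_inverse(k)
        assert inv_e == inv_f and k * inv_e % N == 1
        rows.append((steps_e, steps_f))
    return rows

if __name__ == "__main__":
    for k, (se, sf) in zip(SAMPLE_NONCES, profile()):
        print(f"k={k:#x}: euclid={se} iterations, fermat={sf} iterations")
```

The Euclid column varies from nonce to nonce while the Fermat column stays at 256, which is the property a hardened implementation needs at the instruction level as well.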