Side channel in Infineon crypto library, affecting YubiKey firmware < 5.7 (which replaced that library with Yubico's own).
Post is thin on details, but claims the ability to access private ECDSA key and clone a FIDO device, with physical access, in a "few minutes". Claimed to affect any brand of key that uses Infineon's library and chipset, "due to a non constant-time modular inversion."
"Authentication tokens (like FIDO hardware devices) primary goal is to fight the scourge of phishing attacks. The EUCLEAK attack requires physical access to the device, expensive equipment, custom software and technical skills. Thus, as far as the work presented here goes, it is still safer to use your YubiKey or other impacted products as FIDO hardware authentication token to sign in to applications rather than not using one." [original emphasis]
"2. The new YubiKey firmware 5.7 update (May 6th, 2024) switches the YubiKeys from Infineon cryptographic library to Yubico new cryptographic library. To our knowledge, this new cryptographic library is not impacted
... show moreSide channel in Infineon crypto library, affecting YubiKey firmware < 5.7 (which replaced that library with Yubico's own).
Post is thin on details, but claims the ability to access private ECDSA key and clone a FIDO device, with physical access, in a "few minutes". Claimed to affect any brand of key that uses Infineon's library and chipset, "due to a non constant-time modular inversion."
"Authentication tokens (like FIDO hardware devices) primary goal is to fight the scourge of phishing attacks. The EUCLEAK attack requires physical access to the device, expensive equipment, custom software and technical skills. Thus, as far as the work presented here goes, it is still safer to use your YubiKey or other impacted products as FIDO hardware authentication token to sign in to applications rather than not using one." [original emphasis]
"2. The new YubiKey firmware 5.7 update (May 6th, 2024) switches the YubiKeys from Infineon cryptographic library to Yubico new cryptographic library. To our knowledge, this new cryptographic library is not impacted by our work."
https://ninjalab.io/eucleak/
https://ninjalab.io/wp-content/uploads/2024/09/20240903_eucleak.pdf
CVE pending.
Edit: Yubico now has an announcement (YSA-2024-03).
https://www.yubico.com/support/security-advisories/ysa-2024-03/
Includes scope of products impacted. "The moderate vulnerability primarily impacts FIDO use cases because the FIDO standard relies on the affected functionality by default. YubiKey PIV and OpenPGP applications and YubiHSM 2 usage may also be impacted depending on configuration and algorithm choices by the end user. "
"In order to observe the vulnerable operation, the attacker may also require additional knowledge such as account name, account password, device PIN, or YubiHSM authentication key."
Timeline is interesting and coordinated - Yubico was informed on April 19th, then new 5.7 firmware family entirely replacing Infineon libraries released for YubiKeys May 21st -- and then probably embargoed a few months for new firmware to roll out. YubiHSM update only announced yesterday, so looks timed to that as well.
Per-vendor and news/thread links here to minimize churn of this post:
https://infosec.exchange/@tychotithonus/113074603946027285
#FIDO #YubiKey #Infineon #YSA202403 #YSA_2024_03
Download the Writeup Illustration Romain Flamand – Flamingo Studio – flamandromain@gmail.com Abstract Secure elements are small microcontrollers whose main purpose is to generate/store secrets and then execute cryptographic operations.
NinjaLab