EUCLEAK: Hackers Can Steal Your YubiKey Right From Under Your Nose

Researchers have discovered a serious vulnerability in Infineon chips.

Researchers have discovered a serious vulnerability in the popular YubiKey 5 two-factor authentication devices. This finding could jeopardize the security of many users who rely on these tokens to protect their accounts.

The problem lies in a cryptographic library developed by Infineon. An elevation of privilege vulnerability in the application could allow attackers to clone a YubiKey 5 given temporary physical access to the device. The attack, dubbed EUCLEAK, is based on the analysis of so-called side channels: information leaks through the physical manifestations of the device's operation.

In this case, the side channel is the time spent on performing certain cryptographic operations. More specifically, the vulnerability manifests itself in modular inversion. An attacker can measure tiny differences in time and, based on this data, extract the ECDSA secret key that underpins the token's security.

Specialists from NinjaLab, who discovered the vulnerability, described the attack mechanism in detail. They used an oscilloscope to measure electromagnetic radiation during token authentication. This allowed them to discover the timing differences that reveal the key.

More precisely, the vulnerability lies in Infineon's implementation of the extended Euclidean algorithm, a method used, among other things, to compute modular inversion.

All models of the YubiKey 5 series with firmware earlier than version 5.7 were vulnerable. Unfortunately, it is impossible to update the firmware on these devices, which makes them permanently vulnerable to this attack. Yubico released firmware version 5.7 in May, which replaces the Infineon crypto library with Yubico's own implementation. However, this does not solve the problem for devices that have already been released.

The problem isn't just limited to YubiKey. The researchers suggest that the vulnerability could affect a wide range of devices that use Infineon microcontrollers, including smart cards for banking, e-passports, and secure area access systems.

Among the potentially vulnerable microcontrollers, the researchers name Infineon's SLE78, as well as its successors, the Infineon Optiga Trust M and the Infineon Optiga TPM.

To successfully carry out the attack, the attacker will need equipment worth about $11,000 and deep knowledge of electrical engineering and cryptography. This limits how widely the threat can spread, making it available mainly to government entities or organizations with comparable resources.

According to the researchers, the offline phase of the attack initially took them about 24 hours, but with additional engineering work on the development of the attack, this time could be reduced to less than one hour.

The YubiKey cloning process involves several steps. First, the attacker must obtain the victim's login and password, for example, through a phishing attack. Then it is necessary to temporarily take possession of the physical device without arousing suspicion in the owner.

Using the stolen credentials, the attacker sends authentication requests while simultaneously measuring the side channels. The device is then returned to the owner, and the resulting data is analyzed to extract the ECDSA private key. Once the key has been successfully extracted, an attacker can log in to the account without a physical FIDO device.

It is important to note that in order to carry out the attack, it is necessary to disassemble the YubiKey, exposing the logic board inside. To do this, you will need a hot air gun and a scalpel to remove the plastic case. An attacker must gain access to the part of the board that acts as a secure element that stores cryptographic secrets. The chip is then connected to hardware and software that take measurements while using the key to authenticate an existing account. After the measurements, the device must be placed in a new housing.

Despite the severity of the vulnerability, experts note that two-factor authentication using physical keys remains one of the most reliable methods of protection. It is still effective against phishing and man-in-the-middle attacks.

Users can check the firmware version of their device using the Yubico Authenticator app. The firmware version is displayed in the upper left corner of the home screen along with the series and model of the key.

For additional protection, YubiKey offers optional measures such as the use of a PIN code or biometric authentication. This will make the attack much more difficult to carry out, because the attacker will need additional information for successful cloning.

It is estimated that the vulnerability has existed for more than 14 years in Infineon's most secure chips. These chips and the vulnerable part of the cryptographic library have passed about 80 certification evaluations of AVA VAN 4 (for TPM) or AVA VAN 5 (for the rest) from 2010 to 2024.
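The timing dependence in modular inversion described above can be seen in a small model. The following is an added example, not code from Infineon, Yubico or NinjaLab: it counts loop iterations of a textbook extended Euclidean inversion as a stand-in for execution time, then shows two common countermeasures (multiplicative blinding and fixed-exponent inversion). The function names and the choice of the P-256 group order as modulus are assumptions made for illustration.

```python
import secrets

# Order of the NIST P-256 group (a public prime), used here as the modulus.
N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551

def eea_inverse(a, n=N):
    """Textbook extended Euclidean inversion. Returns (a^-1 mod n, loop steps).

    The loop runs until the remainder hits zero, so the number of steps
    (a stand-in for execution time) is a function of the secret input a.
    """
    r0, r1, t0, t1, steps = n, a % n, 0, 1, 0
    while r1:
        q = r0 // r1
        r0, r1 = r1, r0 - q * r1
        t0, t1 = t1, t0 - q * t1
        steps += 1
    if r0 != 1:
        raise ValueError("input is not invertible modulo n")
    return t0 % n, steps

def blinded_inverse(a, n=N):
    """Multiplicative blinding: invert a*m for a fresh random m, then unblind.

    (a*m)^-1 * m = a^-1 (mod n); the step count now follows a*m, not a.
    """
    m = secrets.randbelow(n - 1) + 1
    inv, steps = eea_inverse(a * m % n, n)
    return inv * m % n, steps

def fermat_inverse(a, n=N):
    """For prime n, a^(n-2) = a^-1 (mod n). The exponent is public and fixed,
    so the square/multiply schedule does not depend on a. Python's pow() is
    not constant-time; firmware needs constant-time big-integer arithmetic."""
    return pow(a, n - 2, n)

def step_profile(inverse, a, runs=50):
    """Distinct step counts observed when inverting the same value repeatedly."""
    return {inverse(a)[1] for _ in range(runs)}

if __name__ == "__main__":
    k = secrets.randbelow(N - 1) + 1   # constructed stand-in for an ECDSA nonce
    print("plain   :", sorted(step_profile(eea_inverse, k)))
    print("blinded :", sorted(step_profile(blinded_inverse, k)))
    assert eea_inverse(k)[0] == blinded_inverse(k)[0] == fermat_inverse(k)
```

When reviewing cryptographic code, a loop whose trip count depends on a secret operand, as in `eea_inverse`, is the pattern to flag; the plain profile contains a single value tied to the input, while the blinded profile changes on every call.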
