Critical Flaw Found in Two-Factor Authenticator YubiKey Will Likely Not Be Patched

A security flaw in YubiKey authentication devices could let attackers steal keys through a complex, expensive, and highly technical side-channel attack.

By Marco Rizal - Editor, Journalist

Security researchers discovered a flaw in Yubico's YubiKey and YubiHSM devices that could allow attackers to obtain private keys.

The flaw is present in older versions of the devices' firmware and affects the Infineon cryptographic library used in these products.

However, exploiting this vulnerability is difficult because it requires physical access to the device, specialized equipment, and advanced technical skills.

[Image: YubiKey series teardown (Credit: NinjaLab)]

Yubico, the company behind YubiKey and YubiHSM, has confirmed the issue in question, but states that the attack is complex and unlikely to occur in everyday scenarios.

They have issued a security notice outlining the vulnerability, but do not intend to release a firmware update, putting some devices permanently at risk.

How the Attack Works

The attack, a side-channel attack, was discovered by NinjaLab's Thomas Roche in France.

It specifically targets the Elliptic Curve Digital Signature Algorithm (ECDSA) found in the affected devices.

Attackers can infer private keys by measuring how long it takes the device to perform specific cryptographic operations.

The attack is based on non-constant computing times during a specific mathematical operation known as modular inversion.
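As an added illustration (not code from the article, NinjaLab or Yubico), the following Python contrasts a modular inverse computed with the extended Euclidean algorithm, whose number of loop steps depends on the input value, with an exponentiation-based inverse that performs the same fixed sequence of operations for every input; the modulus is a small constructed prime, not a real curve order, and the step counter stands in for the execution time a side channel would observe.

```python
import random

# Small constructed prime for illustration only (not the P-256 order).
P = 2**31 - 1


def egcd_inverse(a, p):
    """Inverse of a mod p via the extended Euclidean algorithm.
    Returns (inverse, steps). The loop count varies with the input,
    which is the data-dependent behaviour a side channel can expose."""
    old_r, r = p, a % p
    old_s, s = 0, 1
    steps = 0
    while r != 0:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
        steps += 1
    if old_r != 1:
        raise ValueError("not invertible")
    return old_s % p, steps


def fermat_inverse(a, p):
    """Inverse as a^(p-2) mod p with square-and-multiply-always:
    every exponent bit costs one squaring and one multiplication and the
    result is chosen arithmetically, so the step count never depends on a."""
    e = p - 2
    result, base, steps = 1, a % p, 0
    for bit in reversed(range(e.bit_length())):
        sq = result * result % p
        mul = sq * base % p
        b = (e >> bit) & 1
        result = mul * b + sq * (1 - b)  # select without branching on the bit
        steps += 1
    return result, steps


def step_spread(samples, seed=0):
    """Over random inputs, return (min, max) steps of the variable-time
    inverse and the single step count of the fixed-sequence inverse."""
    rng = random.Random(seed)
    egcd_steps, fixed_steps = [], set()
    for _ in range(samples):
        a = rng.randrange(1, P)
        egcd_steps.append(egcd_inverse(a, P)[1])
        fixed_steps.add(fermat_inverse(a, P)[1])
    return min(egcd_steps), max(egcd_steps), fixed_steps.pop()


if __name__ == "__main__":
    print("egcd min/max steps, fermat steps:", step_spread(200))
```

The spread between the minimum and maximum step counts of the Euclidean version is what leaks, while the exponentiation version reports one constant.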

[Image: Use of a probe to gauge the radio emissions emitted by vulnerable chips as part of the attack process. (Credit: NinjaLab)]

Most cybercriminals will be unable to carry out the attack because it requires physical access to the YubiKey, expensive equipment, and custom software.

Nonetheless, it poses a risk in high-security settings where such resources may be available.

Affected Devices

The vulnerability affects YubiKey 5, YubiKey 5 FIPS, YubiKey Bio, YubiHSM, and YubiHSM 2 devices with firmware versions prior to 5.7.2.

Products such as the Feitian A22 JavaCard, which also uses Infineon's cryptographic library, are equally vulnerable.

While Yubico does not intend to release a firmware update for the affected devices, they do recommend several countermeasures to mitigate the risk.

Users, for example, can enable PIN or biometric protection on their devices, making it more difficult for attackers to gain access.

Additionally, shortening FIDO session durations and using RSA keys for certain operations can reduce exposure to this vulnerability.

Yubico's most recent firmware, version 5.7 and above, no longer employs the vulnerable Infineon library.

The company switched to its own cryptographic library, which was unaffected by the discovered flaw.

Should you replace your YubiKey?

Given the attack's complexity, most users are unlikely to face significant risk.

Individuals who work in high-security environments or handle sensitive information should consider replacing their affected YubiKeys or YubiHSM devices.

Yubico has not provided a replacement program or discounted rates for new devices, leaving the decision to replace vulnerable keys to the user.
