EUCLEAK, the vulnerability that allows cloning of YubiKey FIDO security keys
Learn how the EUCLEAK vulnerability puts your cryptographic keys at risk
EUCLEAK is a vulnerability in YubiKey 5 devices (and in other products built on the Infineon SLE78 security microcontroller) that allows cloning of ECDSA keys through a side-channel attack. It requires physical access to the device and specialized equipment. Yubico has issued a security advisory.
EUCLEAK is the name given to a serious vulnerability in the cryptographic library of the Infineon SLE78 security microcontroller, which is used in many FIDO devices, including the popular YubiKey 5 series from Yubico. If successfully exploited, the flaw lets an attacker extract the ECDSA private key used for digital signatures, making it possible to clone the authentication device. It was discovered by researcher Thomas Roche of NinjaLab and affects security microcontrollers embedded in many cryptographic products, with the YubiKey 5 as the most prominent case.
Features and risks of EUCLEAK
YubiKeys are FIDO-compliant hardware devices, similar in form to a USB stick, used for multi-factor and passwordless authentication over USB or NFC. The EUCLEAK attack uses a side channel to extract ECDSA (Elliptic Curve Digital Signature Algorithm) private keys, compromising the credentials the device is meant to protect. Roche has shown that the flaw is not limited to the SLE78: products that use the same Infineon cryptographic library, including the later Infineon Optiga Trust M and Infineon Optiga TPM, can also be vulnerable. Using an open JavaCard platform based on Infineon technology, the researcher located the side-channel leak and developed a practical attack that was successfully tested on a YubiKey 5Ci.
Side-channel based attack procedure
EUCLEAK is a side-channel attack: it observes physical quantities such as power consumption or electromagnetic emissions while the device performs cryptographic operations, in this case while it signs an authentication challenge. The target is the cryptographic library of the Infineon microcontroller, which implements the modular inversion of the ephemeral key (the per-signature nonce) in ECDSA with an Extended Euclidean Algorithm (EEA) whose sequence of operations depends on the value being inverted. That data-dependent behaviour leaks partial information about the nonce, and from a number of observed signatures an attacker can reconstruct the private key. Carrying out the attack requires physical access to the target device (the casing has to be opened to reach the chip), specialized equipment and considerable expertise, which limits the practical risk to well-resourced adversaries.
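The following Python example, added here and not taken from NinjaLab, Infineon or Yubico (whose library is not public), illustrates the mechanism described above: a textbook Extended Euclidean inversion of the ECDSA nonce k whose loop count and quotient sizes depend on k, next to a Fermat-based inversion that performs a fixed sequence of operations. It uses the P-256 group order n and shows that the EEA's second quotient, n // k, already reveals the bit length of the nonce. The lattice step that turns such partial nonce leakage into the private key is not reproduced.

```python
# Added example (not NinjaLab's, Infineon's or Yubico's code): why a textbook
# Extended Euclidean Algorithm leaks information about the ECDSA nonce it
# inverts, compared with an inversion whose operation sequence is fixed.
import secrets

# Order n of the P-256 group: the modulus in which ECDSA inverts the nonce k.
N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551


def eea_inverse(k: int, n: int) -> tuple[int, list[int]]:
    """Return (k^-1 mod n, trace) using the Extended Euclidean Algorithm.

    `trace` is the list of quotients computed. The number of loop iterations
    and the size of each division depend on k, which is what a power or EM
    side channel can observe. (Illustrative structure, not Infineon's code.)
    """
    old_r, r = k % n, n
    old_s, s = 1, 0
    trace = []
    while r != 0:
        q = old_r // r
        trace.append(q)
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
    if old_r != 1:
        raise ValueError("k is not invertible mod n")
    return old_s % n, trace


def leaked_nonce_bits(trace: list[int], n: int) -> int:
    """Estimate the bit length of k from the EEA trace alone (within one bit).

    With k < n the first quotient is 0 and the second is n // k, whose size
    reveals how many leading zero bits the nonce has. Knowing the top bits of
    the nonce for several signatures is the kind of partial leakage that a
    lattice attack turns into the long-term private key.
    """
    return n.bit_length() - trace[1].bit_length() + 1


def fermat_inverse(k: int, n: int) -> tuple[int, int]:
    """Return (k^-1 mod n, op_count) via k^(n-2) mod n (n prime).

    The exponent n-2 is a public constant, so the square-and-multiply ladder
    runs a fixed number of steps and always performs the multiply, selecting
    the result arithmetically instead of branching on the secret. (Python
    integers are not constant-time; the point is the fixed operation sequence.)
    """
    result, base, ops = 1, k % n, 0
    for bit in bin(n - 2)[2:]:
        result = result * result % n
        candidate = result * base % n
        mask = -int(bit)  # 0 when the exponent bit is 0, -1 when it is 1
        result = (candidate & mask) | (result & ~mask)
        ops += 2
    return result, ops


def ecdsa_s(z: int, r: int, d: int, k: int, n: int = N, inverse=eea_inverse):
    """Second ECDSA signature component s = k^-1 * (z + r*d) mod n.

    Every signature inverts a fresh nonce k, so a leaky `inverse` gives the
    observer new information about a nonce each time the key is used.
    Returns (s, whatever the inversion exposed: the EEA trace or op count).
    """
    k_inv, observed = inverse(k, n)
    return k_inv * (z + r * d) % n, observed


def leak_demo(samples: int = 5) -> dict:
    """Compare the observable behaviour of both inversions on random nonces."""
    nonces = [secrets.randbelow(N - 1) + 1 for _ in range(samples)]
    eea_steps = [len(eea_inverse(k, N)[1]) for k in nonces]
    fermat_ops = [fermat_inverse(k, N)[1] for k in nonces]
    return {
        "eea_iterations": eea_steps,          # varies with the nonce
        "fermat_ops": fermat_ops,             # identical for every nonce
        "leaked_bits": [leaked_nonce_bits(eea_inverse(k, N)[1], N) for k in nonces],
    }


if __name__ == "__main__":
    print(leak_demo())
```

The EEA trace length already differs between k = 1 and k = 2, whereas the Fermat ladder performs exactly 2 × 256 operations for any k; both produce the same signature value s, which is why the leak is invisible at the protocol level and only shows up in the physical channel.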
Safety measures and recommendations
Although the attack requires advanced skills, the security implications are significant and should not be overlooked. Protection against side channels has to be designed into the cryptographic implementation itself; it cannot be added by users afterwards. Yubico has issued a security advisory confirming the issue and explaining how to check whether a device is affected: YubiKey devices with firmware older than version 5.7 are vulnerable, and since YubiKey firmware cannot be updated, they will remain so. Roche nonetheless recommends continuing to use vulnerable products rather than switching to solutions without a secure element, together with mitigations such as preferring cryptographic primitives other than ECDSA where the application allows it and requiring a PIN to use the device, which the attacker must then also obtain.
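As an added example (not Yubico's code), the check below reads the firmware version from the output of `ykman info` (the YubiKey Manager CLI) and decides whether the key predates 5.7. The sample output embedded in the block is constructed for the example, not a real capture; the `assess_connected_key` helper runs the real command and assumes `ykman` is installed and a key is plugged in.

```python
# Added example (not Yubico's code): decide whether a YubiKey's firmware still
# uses the affected Infineon cryptographic library by parsing `ykman info`.
import re
import subprocess

# Yubico's advisory: firmware 5.7 replaced the Infineon library; anything
# below that cannot be updated and remains affected.
FIXED_IN = (5, 7, 0)

# Constructed sample of `ykman info` output (not a real capture).
SAMPLE_YKMAN_INFO = """\
Device type: YubiKey 5C NFC
Serial number: 12345678
Firmware version: 5.4.3
Form factor: Keychain (USB-C)
Enabled USB interfaces: OTP, FIDO, CCID
"""


def parse_firmware_version(ykman_output: str) -> tuple[int, int, int]:
    """Extract the firmware version as an integer tuple.

    Comparing integer tuples rather than strings avoids misranking
    e.g. "5.10.0" below "5.7.0".
    """
    m = re.search(r"^Firmware version:\s*(\d+)\.(\d+)\.(\d+)",
                  ykman_output, re.MULTILINE)
    if not m:
        raise ValueError("no 'Firmware version' line in ykman output")
    major, minor, patch = (int(g) for g in m.groups())
    return major, minor, patch


def is_affected(version: tuple[int, int, int]) -> bool:
    """True when the firmware predates the 5.7 library replacement."""
    return tuple(version) < FIXED_IN


def assess(ykman_output: str) -> dict:
    """Summarise the exposure of one key from its `ykman info` output."""
    version = parse_firmware_version(ykman_output)
    affected = is_affected(version)
    if affected:
        advice = ("firmware cannot be updated: keep using the key, require a "
                  "PIN, and prefer non-ECDSA algorithms where the application "
                  "allows it")
    else:
        advice = "firmware 5.7 or later: not affected by EUCLEAK"
    return {"firmware": ".".join(map(str, version)),
            "affected": affected, "advice": advice}


def assess_connected_key() -> dict:
    """Run the real `ykman info` (needs yubikey-manager and a plugged-in key)."""
    out = subprocess.run(["ykman", "info"], capture_output=True,
                         text=True, check=True).stdout
    return assess(out)


if __name__ == "__main__":
    print(assess(SAMPLE_YKMAN_INFO))
```

Yubico Authenticator shows the same firmware version in its device info view for users who do not have the CLI installed.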
09/09/2024 12:20
Marco Verro