Yubikey prior to 5.7 firmware can be cloned with physical access within a “few minutes” - neat!
The attack requires physical access to the secure element (few local electromagnetic side-channel acquisitions, i.e. few minutes, are enough) in order to extract the ECDSA secret key. In the case of the FIDO protocol, this allows to create a clone of the FIDO device.
As they note, for most casual Yubikey users there is no need for concern/replacement:
Authentication tokens (like FIDO hardware devices) primary goal is to fight the scourge of phishing attacks. The EUCLEAK attack requires physical access to the device, expensive equipment, custom software and technical skills. Thus, as far as the work presented here goes, it is still safer to use your YubiKey or other impacted products as FIDO hardware authentication token to sign in to applications rather than not using one.
Can this be used as an argument for them finally open sourcing things? I am not technical but only tech savvy. I don’t understand half of what I just read with all this info.
They have 6 different models of YubiKey 5. Why not have a model that has upgradable firmware?
Casual users don’t care about the fact that Yubico needs to sell to governments or security agencies, casual users also don’t have the money or time to waste on new YubiKeys the moment a new feature or important security fix comes out with new firmware.
I assume Yubico won’t offer free replacements to current users. They posted vulnerability on their support page and then told all customers to suck it up and pay again for the same device with new firmware.
This was already established on their old Neo years ago, which had multiple issues and they refused to give replacements to customers who didn’t buy directly from them.
Since their competitor recently received certification, how much has the scales shifted in their direction?
These security microcontrollers are present in a vast variety of secure systems – often relying on ECDSA – like electronic passports and crypto-currency hardware wallets but also smart cars or homes. However, we did not check (yet) that the EUCLEAK attack applies to any of these products.
who knows what other products may be affected by the presence of these microcontrollers?
So for most people it’s a nothingburger because most people are not targeted by state actors, and for corpo users it’s a nothingburger because they’d either have mitigating factors (PINs and a process to invalidate lost credentials ASAP on top of PINs) or have a subscription-based thing with Yubico for their keys - neat!
Do you still believe in certifications? The affected keys from Yubico include those with FIPS certifications and FIDO Level 2 certification. Did these certifications make a difference?
Opensourcing the FIDO applet would not help, the affected keys relied on built-in libraries on Infineon chips. Infineon will never open source their libraries
Hi. In the light of current events I think certification is relevant and primarily in the context of what kind of microcontrollers are there to ensure safety if the device itself is already certified. Please note what deep and informative thoughts can be seen in this thread.
Let me remind you that just recently I felt the need for visibility of certification by the community and @jans23 did not fail, they answered for their words. This is a great foundation for dialog with customers and future followers.
Token2 has also released their statement regarding this, in which they state that their keys are not vulnerable to this attack. Interestingly, they also state the following:
To clarify further, the EUCLEAK attack against passkeys stored on physical security keys requires both physical access to the key and knowledge of the PIN. The attack involves several successful authentications to exploit the vulnerability. In other words, since this attack is only feasible if an attacker already has both the physical key and the correct PIN, the practical risk of this vulnerability is limited, making it a very low-level threat.
I’m not seeing much discussion or talk on this aspect of YubiKeys in the context of EUCLEAK, but does this affect Yubikeys that are only used for the HMAC-SHA1 challenge-response feature to unlock KeePassXC password databases?
The Security Advisory only points to an issue with the ECDSA implementation in the Infineon cryptographic library, which is used in the YubiKey FIDO, YubiKey PIV, and OpenPGP apps.
It does not mention the YubiKey OTP app, which includes the challenge-response configuration you’re talking about, as one which is affected. Indeed they recommend YubiOTP as a workaround to this particular issue.
Thanks for the reply and confirming this! That’s what I was thinking, as there was no mention of the underlying technologies used for YubiKey OTP that EUCLEAK discusses.
As I right now only use YubiKeys to unlock KeePassXC databases, I can rest a little easier regarding my personal use case for YubiKeys. However, due to EUCLEAK, I won’t use my pre-5.7 firmware YubiKeys as FIDO/USB passkeys in the future.
I didn’t state this before, but I had already been using plenty SoloKey devices for FIDO/passkeys on my personal accounts; so even before EUCLEAK, I wasn’t using my YubiKey 5 devices for FIDO/passkeys. Again, I’m only saying this due to my personal use case and this isn’t general advice for everyone.
However, the only device I personally use that affected is a Yubico Security Key - but this is only because my school/work account for MS Azure only works with certified/well-known keys for passwordless login. So, as you said, it’s not severe enough for me to retire the Yubico Security Key for my school/work usage just yet.
The only thing I can add is that, due to the non-updatable firmware of Yubico’s security key products (i.e., Yubico Security Keys and YubiKey 5 devices), those who will use these should only purchase them on a as-needed basis and should avoid stockpiling on these devices. You only need to wait for possibly the next Yubico hardware/firmware vulnerability, which is only slightly more critical than EUCLEAK, to potentially force retirement of affected Yubico devices for usable security. This is especially true if you are an individual or small business user.
