Yubico Addresses Side-Channel Vulnerability in Legacy Devices

Yubico has disclosed a side-channel vulnerability in the third-party cryptographic library used in several of its devices, including the YubiKey 5 Series. The flaw lies in the library's ECDSA implementation and allows an attacker with physical access to the device and suitable lab equipment to recover ECDSA private keys. Only devices shipped with firmware 5.7.0 or later are unaffected; YubiKey firmware cannot be upgraded in the field, so older devices remain vulnerable for their lifetime. Recommended mitigations include using RSA keys where the application allows it and tightening the access controls around the device.

Yubico has issued a security advisory regarding a newly disclosed side-channel vulnerability in the cryptographic library supplied by Infineon and used in several Yubico products, including the YubiKey 5 Series and the YubiHSM 2. The weakness is in the library's implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA): an attacker with physical access to the device, specialized measurement equipment and, in most scenarios, whatever the device requires before it will sign (the PIN, or the credentials of the account being authenticated) can recover the ECDSA private key.

The vulnerability primarily affects the FIDO application, which relies on ECDSA for identity and access management (IAM), but it also affects the Personal Identity Verification (PIV) and OpenPGP applications when they hold ECDSA keys. Side-channel attacks exploit physical observables such as execution time and electromagnetic emissions to learn about the internal state of a cryptographic operation; here the signal leaks information about the per-signature ECDSA nonce, from which the private key can be extracted.

The leak comes from the modular inversion that ECDSA signing performs with the Extended Euclidean Algorithm. The number and pattern of the algorithm's iterations depend on the value being inverted, which in ECDSA is the secret nonce, so the operation's execution time, and the electromagnetic trace it produces, reveal partial information about the nonce. Because the private key is a simple algebraic function of the nonce and the signature, an attacker who collects such leakage over enough signatures can reconstruct the key, using the standard lattice techniques for signatures with partially known nonces.
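The two halves of that argument, as an added worked example that is not code from Yubico, Infineon or the advisory: a toy ECDSA over NIST P-256 whose nonce inversion is a textbook extended Euclid (so its iteration count, and therefore its timing, depends on the nonce), and the one-line recovery of the private key once a nonce is known. The key, nonce and message are constructed for the demo; a real implementation must draw nonces from a CSPRNG or RFC 6979 and use constant-time arithmetic, neither of which this code does.

```python
"""Added example (not Yubico's or Infineon's code): why a nonce leak from a
variable-time modular inversion breaks ECDSA. Toy P-256 ECDSA in pure Python;
keys, nonces and messages are constructed for the demo and are NOT secure."""
import hashlib

# NIST P-256 domain parameters (public constants).
p = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
a = p - 3
b = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
n = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)


def ec_add(P, Q):
    """Affine point addition; None is the point at infinity."""
    if P is None:
        return Q
    if Q is None:
        return P
    x1, y1 = P
    x2, y2 = Q
    if x1 == x2 and (y1 + y2) % p == 0:
        return None
    if P == Q:
        lam = (3 * x1 * x1 + a) * pow(2 * y1, -1, p) % p
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return (x3, (lam * (x1 - x3) - y1) % p)


def ec_mul(k, P):
    """Double-and-add scalar multiplication (not constant-time; demo only)."""
    R = None
    while k:
        if k & 1:
            R = ec_add(R, P)
        P = ec_add(P, P)
        k >>= 1
    return R


def egcd_inverse(k, m):
    """Textbook extended Euclid (not Infineon's code). Returns
    (k^-1 mod m, loop iterations). The iteration count, hence the running
    time and the EM trace of the loop, depends on k; when k is the ECDSA
    nonce that is the kind of leak the advisory describes."""
    old_r, r = k % m, m
    old_s, s = 1, 0
    steps = 0
    while r:
        q = old_r // r
        old_r, r = r, old_r - q * r
        old_s, s = s, old_s - q * s
        steps += 1
    assert old_r == 1, "k must be invertible mod m"
    return old_s % m, steps


def fermat_inverse(k, m):
    """k^(m-2) mod m: the operation count depends only on the bit length of
    m, not on k, so there is no k-dependent control flow (Python's pow is
    still not a hardened constant-time routine)."""
    return pow(k, m - 2, m)


def hash_msg(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n


def ecdsa_sign(d, h, k):
    """Returns (r, s); the nonce k is a parameter so the demo is deterministic."""
    r = ec_mul(k, G)[0] % n
    kinv, _ = egcd_inverse(k, n)
    return r, kinv * (h + r * d) % n


def ecdsa_verify(Q, h, sig):
    r, s = sig
    w = pow(s, -1, n)
    X = ec_add(ec_mul(h * w % n, G), ec_mul(r * w % n, Q))
    return X is not None and X[0] % n == r


def recover_private_key(h, sig, k):
    """s = k^-1 (h + r d) mod n  =>  d = (s k - h) r^-1 mod n.
    One signature plus its nonce yields the long-term key."""
    r, s = sig
    return (s * k - h) * pow(r, -1, n) % n


def demo():
    # Constructed demo key and nonce, derived from fixed strings (NOT secure).
    d = int.from_bytes(hashlib.sha256(b"demo private key").digest(), "big") % n
    k = int.from_bytes(hashlib.sha256(b"demo nonce").digest(), "big") % n
    Q = ec_mul(d, G)
    h = hash_msg(b"FIDO assertion challenge")
    sig = ecdsa_sign(d, h, k)
    # Iteration counts of the inversion for different nonces: the leak.
    steps = [egcd_inverse(x, n)[1] for x in (2, k, n - 1)]
    return {"verifies": ecdsa_verify(Q, h, sig),
            "recovered_equals_d": recover_private_key(h, sig, k) == d,
            "eea_steps": steps}


if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows a valid signature, the private key recovered exactly from that single signature plus its nonce, and inversion loop counts that swing from 3 iterations for tiny nonces to well over a hundred for a random one. The real attack does not get the whole nonce from one trace; it gets a few bits per signature and combines many signatures, but the algebra above is what makes those bits worth collecting.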

Yubico's firmware 5.7.0 and later no longer use Infineon's library; they use Yubico's own cryptographic implementation, which is not affected. Because YubiKey firmware is not field-upgradable, devices running earlier versions cannot be patched and remain affected; the only way to obtain a fixed device is to acquire a newer one.

For affected devices, Yubico recommends using RSA keys where the application allows it (RSA signing does not perform the ECDSA nonce inversion that leaks) and strengthening the access controls around the device, since the attack needs physical possession and, typically, the PIN or account credentials required to trigger signatures. For FIDO, the YubiKey's attestation certificate carries the firmware version, so relying parties can identify affected models and decide how much trust to place in them; unaffected protocols such as Yubico OTP, or PIV with RSA keys, can serve as additional factors.
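The first question an operator has is whether a given key is in the affected range. The following added example (not Yubico's tooling) reads the `Firmware version:` line that `ykman info` prints and compares it, as a numeric tuple rather than a string, against the 5.7.0 cutoff from the advisory. The sample output is constructed; the field labels are assumed to match current `ykman info` output, and on a real key you would run the command instead.

```python
"""Added example (not Yubico's tooling): is this YubiKey 5 Series device in
the affected firmware range? Sample `ykman info` output below is constructed."""
import re
import subprocess

FIXED_IN = (5, 7, 0)  # YubiKey 5 Series: 5.7.0 and later do not use the Infineon library.

# Constructed sample in the shape of `ykman info` output (field labels assumed).
SAMPLE_YKMAN_INFO = """\
Device type: YubiKey 5 NFC
Serial number: 12345678
Firmware version: 5.4.3
Form factor: Keychain (USB-A)
Enabled USB interfaces: OTP, FIDO, CCID
"""


def parse_firmware_version(text):
    """Extract (major, minor, patch); a missing patch component counts as 0."""
    m = re.search(r"^Firmware version:\s*(\d+)\.(\d+)(?:\.(\d+))?", text, re.M)
    if not m:
        raise ValueError("no 'Firmware version:' line found")
    return tuple(int(x or 0) for x in m.groups())


def is_affected(version):
    """Tuple comparison, never string comparison: '5.10.0' < '5.7.0' as strings."""
    return tuple(version) < FIXED_IN


def check_attached_key():
    """Run the real command against a plugged-in key (requires ykman installed)."""
    out = subprocess.run(["ykman", "info"], capture_output=True, text=True, check=True).stdout
    v = parse_firmware_version(out)
    return v, is_affected(v)


if __name__ == "__main__":
    v = parse_firmware_version(SAMPLE_YKMAN_INFO)
    print("firmware %d.%d.%d -> %s" % (v + ("AFFECTED" if is_affected(v) else "not affected",)))
```

For an affected key that must stay in service, the PIV slots can be re-keyed with RSA instead of ECC (for example `ykman piv keys generate --algorithm RSA2048 9a public.pem` for the authentication slot, then issue a new certificate for it); the FIDO application cannot be switched to RSA, so there the mitigation is access control and relying-party policy.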

The advisory follows the EUCLEAK research published by NinjaLab, which found the flaw in Infineon's library and noted that the same library is used in many other embedded products, among them biometric passports that use ECDSA for their digital signatures. Other devices built on the same library therefore warrant the same scrutiny.

The disclosure of a side-channel flaw in Yubico's legacy devices underscores the importance of constant-time cryptographic implementations. Where possible, users should move to devices running the updated firmware, prefer RSA keys on affected devices (not because RSA is inherently stronger, but because it is not affected by this flaw), and apply the recommended access-control mitigations.

Original Source: www.biometricupdate.com