Infineon / YubiKey Cloning Vulnerability

Original Ars Technica Story

This is, unfortunately, a big deal. Not just for the users of YubiKeys, but also for anything using Infineon crypto chips. Infineon makes the crypto chips in a ton of devices, including TPMs, smart cards, passports, credit cards, and SIM cards. I suspect there will be more fallout from this, as additional devices are found to be using the same cryptographic library.

There are two important mitigations:

First, this only applies to Elliptic Curve cryptography (ECDSA specifically). While the world has (slowly) been moved to ECC, its adoption is still limited. Unfortunately, FIDO / FIDO2 does use ECC.

Second, this attack requires physical access to the device and the private key operation to occur for the side channel to be exploitable. Any operation that first requires authentication (for example, by supplying a password/pin) would not be vulnerable (presuming the attacker doesn’t have the requisite password/pin).

For FIDO devices (like YubiKeys), the scenario to be worried about: If a site only requires the FIDO key be “touched”, that key can be cloned. Sites that require both the FIDO key’s pin + touch, are not vulnerable. Often, the “touch-only” mode of FIDO keys is used as a 2nd factor (after supplying a username+password). While the pin+touch route is usually a full standalone authentication (commonly called a Passkey).