Crypto Vulnerability Allows Cloning of YubiKey Security Keys


YubiKey security keys can be cloned using a side-channel attack that leverages a vulnerability in a third-party cryptographic library.

The attack, dubbed Eucleak, has been demonstrated by NinjaLab, a company focusing on the security of cryptographic implementations. Yubico, the company that develops YubiKey, has published a security advisory in response to the findings. 

YubiKey hardware authentication devices are widely used, enabling individuals to securely log into their accounts via FIDO authentication.  

Eucleak leverages a vulnerability in an Infineon cryptographic library that is used by YubiKey and products from various other vendors. The flaw allows an attacker who has physical access to a YubiKey security key to create a clone that could be used to gain access to a specific account belonging to the victim.

However, pulling off an attack is not easy. In a theoretical attack scenario described by NinjaLab, the attacker obtains the username and password of an account protected with FIDO authentication. The attacker also gains physical access to the victim’s YubiKey device for a limited time, which they use to physically open up the device in order to gain access to the Infineon security microcontroller chip, and use an oscilloscope to take measurements.

NinjaLab researchers estimate that an attacker needs to have access to the YubiKey device for less than an hour to open it up and conduct the necessary measurements, after which they can quietly give it back to the victim. 

In the second stage of the attack, which no longer requires access to the victim’s YubiKey device, the data captured by the oscilloscope — electromagnetic side-channel signal coming from the chip during cryptographic computations — is used to infer an ECDSA private key that can be used to clone the device. It took NinjaLab 24 hours to complete this phase, but they believe it can be reduced to less than one hour.

One noteworthy aspect regarding the Eucleak attack is that the obtained private key can only be used to clone the YubiKey device for the online account that was specifically targeted by the attacker, not every account protected by the compromised hardware security key. 

“This clone will give access to the application account as long as the legitimate user does not revoke its authentication credentials,” NinjaLab explained.


Yubico was informed about NinjaLab’s findings in April. The vendor’s advisory contains instructions on how to determine if a device is vulnerable and provides mitigations. 

When informed about the vulnerability, the company had been in the process of removing the impacted Infineon crypto library in favor of a library made by Yubico itself with the goal of reducing supply chain exposure. 

As a result, YubiKey 5 and 5 FIPS series running firmware version 5.7 and newer, YubiKey Bio series with versions 5.7.2 and newer, Security Key versions 5.7.0 and newer, and YubiHSM 2 and 2 FIPS versions 2.4.0 and newer are not impacted. These device models running previous versions of the firmware are impacted. 
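The firmware thresholds listed above can be applied to a device inventory to triage which keys need attention. This is an added example, not code from Yubico, NinjaLab or the article; the CSV layout, the sample rows and the prefix matching of model names to product series are assumptions.

```python
import csv
import io

# Lowest unaffected firmware per product series, as listed in the article above.
FIXED_IN = {
    "yubikey 5": (5, 7, 0),      # covers YubiKey 5 and 5 FIPS series
    "yubikey bio": (5, 7, 2),
    "security key": (5, 7, 0),
    "yubihsm 2": (2, 4, 0),      # covers YubiHSM 2 and 2 FIPS
}

def parse_version(text):
    """'5.7' -> (5, 7, 0); raises ValueError on anything non-numeric."""
    parts = [int(p) for p in text.strip().split(".")]
    if not 1 <= len(parts) <= 3 or any(p < 0 for p in parts):
        raise ValueError(text)
    return tuple(parts + [0] * (3 - len(parts)))

def classify(model, firmware):
    """Return 'impacted', 'not impacted' or 'unknown' for one device."""
    name = model.strip().lower()
    series = next((s for s in FIXED_IN if name.startswith(s)), None)
    if series is None:
        return "unknown"          # not a series the article covers
    try:
        version = parse_version(firmware)
    except ValueError:
        return "unknown"          # unreadable firmware: check by hand
    return "not impacted" if version >= FIXED_IN[series] else "impacted"

def triage(inventory_csv):
    """Map serial -> status for a CSV with serial,model,firmware columns."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["serial"]: classify(r["model"], r["firmware"]) for r in rows}

# Constructed sample inventory (serials and rows are made up for illustration).
SAMPLE = """serial,model,firmware
1001,YubiKey 5 NFC,5.4.3
1002,YubiKey 5C FIPS,5.7
1003,YubiKey Bio,5.7.1
1004,Security Key NFC,5.7.0
1005,YubiHSM 2,2.3.2
1006,YubiKey 4,4.3.7
1007,YubiKey 5 Nano,unknown
"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Devices reported as "unknown" fall outside the series named in the article or have an unreadable firmware field, and should be checked against the vendor advisory by hand.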

Infineon has also been informed about the findings and, according to NinjaLab, has been working on a patch. 

“To our knowledge, at the time of writing this report, the patched cryptolib did not yet pass a CC certification. Anyhow, in the vast majority of cases, the security microcontrollers cryptolib cannot be upgraded on the field, so the vulnerable devices will stay that way until device roll-out,” NinjaLab said. 

SecurityWeek has reached out to Infineon for comment and will update this article if the company responds. 

A few years ago, NinjaLab showed how Google’s Titan Security Keys could be cloned through a side-channel attack. 
