YubiKey Cloning Attack

From Embedded Lab Vienna for IoT & Security
Jump to navigation Jump to search

Summary

A YubiKey is a hardware authentication device (Hardware-Token) produced by Yubico. It provides an additional Layer of security for logging into online accounts. It functions as a physical security token for 2-Factor-Authentication (2FA) or Multi-Factor-Authentication (MFA). The Hardware-Token uses the Elliptic Curve Digital Signature Algorithm (ECDSA) and stores the private-key locally on the device. Before being able to log in, the user has to input the YubiKey into the USB-port and prove the possession of the private-key. However, attackers have found a way to extract this private-key with a Side-Channel-Attack and clone the YubiKey, enabling unauthorized authentication. The affected device is the YubiKey 5-Series with a firmware version before 5.7.

General

Passwords

Passwords have been fundamental for authentication for decades and are still the most used authentication method. However, they come with a few weaknesses, which make them vulnerable to data leaks, phishing and identity theft. Users frequently reuse the same password across multiple accounts. That means, that one single data breach can compromise several accounts. Also, many create short or predictable passwords, like "123456" or "password". This makes it an easy target for brute-force attacks. Even long passwords with special characters lose their effectiveness if they are reused many times or remain unchanged for long periods.

Modern Authentication Methods

To address the issues of passwords, other authentication methods were introduced, which offer better security.

  • One example are One-Time-Passwords (OTPs): The offer a higher level of protection by generating unique passwords for each login attempt. E.g.: When trying to log in, the user has to input an OTP which was received by E-mail or SMS.
  • A variation of OTPs are Time-Based-One-Time-Passwords (TOTPs): These are generated on e.g a Smartphone through some Authenticator Application, like Google Authenticator. TOTPs are created constantly and valid for around 30 seconds, before changed. Because TOTPs are created locally on a user's device, they are harder for attackers to intercept.
  • Biometric authentication: Authentication via Biometrics has become increasingly popular, especially on the phones nowadays. This method relies on unique physical characteristics, like fingerprint, facial recognition and iris-scanning. Biometrics are enhancing security by making it difficult for attackers to replicate or steal such information.
  • Hardware-Tokens: Finally, small physical devices, which connect to a website login and create a private-key. YubiKey is such a device and allows users to authenticate by physically inputting the Hardware-Token into the Computer and pressing a button, which calculates the private-key and allows authentication. These are seen as very secure and protective against phishing attacks, because they are physical.

Here a picture of a YubiKey:

Yubi 1.PNG


YubiKey Cloning Attack

Security of YubiKeys

Although YubiKeys are widely trusted for their security, a critical vulnerability was discovered that remained undetected for over 14 years. It was discovered by the security research team NinjaLab, who documented their findings in a 90 page document. The vulnerability is related to a Side-Channel-Attack, which allows users to extract the private-key and thus clone the YubiKey.

Side-Channel-Measurements/Attack

The Side-Channel-Attack primarily relies on analyzing the timing behaviour of a device. During cryptographic operations, a YubiKey consumes power and requires a certain amount of time to process each operation. By measuring factors such as power consumption and timing behaviour, patterns can be identified which potentially reveal the private-key.

Before being able to do an attack, it is necessary to perform Side-Channel-Measurements. These measurements focus on various physical properties, such as power consumption, heat dissipation, electromagnetic radiation, acoustic emissions and the timing behaviour. In the case of a YubiKey, the primary measurements involve timing data, power consumption and electromagnetic singals, which are being measured while sending authentication requests to the device.

Specialized and expensive equipment, such as an oscilloscope (first picture below) and near-field probes (second picture below), are required. The oscilloscope captures precise electrical signals and the near field probes detec electromagnetic emissions.

Yub 2.PNG

Yub 3.PNG

After measuring enough data, the next step is to analyze and interpret these. This involves removing unwanted noise and identifying patterns. By using mathematical algorithms and a trial-and-error approach, the private-key can be extracted.

ECDSA

Elliptic Curve Digital Signature Algorithm (ECDSA) is one of the most used cryptographic methods encountered daily. The Concept of ECDSA is a curve that is symmetric about the x-axis. The process begins with selecting a starting point G on this curve and drawing a straight line through G, intersecting the curve in another point. The intersected point is then reflected across the x-axis and producing a new point G2. This procedure continues for k-times, where k is a very large number.

The general equation for an elliptic curve is:

Yubi4.PNG

Curve self.PNG

The final point after k iterations is denoted as kG, which is important for generating keys and signatures.

A fundamental aspect of ECDSA is its one-way nature: It is easy to compute kG but extremely difficult to determine k if only kG is known.

The private-key d can be calculated using following formula, in which only k and d are unknown:

Yubi5.PNG

After analyzing the Side-Channel-Measurements, the attackers try to extract the variable k, with which they can then calculate the Private-key d.

To verify, whether the extraction of k was successful, the public-key can be validated with following formula:

Yubi6.PNG

Practical Execution of an Attack

There are six steps on how a YubiKey Cloning Attack could look like:

  • 1) Obtaining Login Credentials of a website that is secured with a YubiKey
  • 2) The attacker needs temporary access to the YubiKey
  • 3) Conducting Side-Channel-Measurements
  • 4) Returning the YubiKey unknowingly to the victim
  • 5) Analyzing and interpreting the measurements
  • 6) Creating a YubiKey clone, which can be used as long as the website credentials don't change.

Affected Versions

The affected YubiKey is the 5-Series with any firmware below the version 5.7. Because of the fact that YubiKey's firmware cannot be updated, the vulnerability remains permanently.

Counter-Measurements

Recommendation for Users

For users, its important to keep the affected YubiKey at a safe place where no one can have physical access to it. If the attacker doesn't get physical access to the YubiKey, no clone can be created.

Recommendation for Manufactures

Hardware-Token manufactures also have a few options to prevent Side-Channel-Attacks:

  • Noise injection: By adding artificial noise during the cryptographic operations, the Side-Channel-Measurements can be significantly harder to analyze
  • Constant Time Operation: Ensuring all cryptographic operations take a fixed amount of time, timing-related variations can be eliminated because patterns cannot be seen anymore in the measurements.
  • Physical Shielding: Adding physical shielding to the chip can reduce electromagnetic emissions. This limits the ability of attackers to measure or capture signals in the first place.

References

Retrieved from "https://wiki.elvis.science/index.php?title=YubiKey_Cloning_Attack&oldid=17779"