ECDSA Vulnerability in YubiKey: What You Need to Know
In a recent security advisory, Yubico disclosed a moderate vulnerability (CVE-2024-45678) affecting several of its hardware security devices, including the widely used YubiKey 5 Series, Security Key Series, and YubiHSM 2. The root cause lies in a flaw within the Infineon cryptographic library, which is employed for generating cryptographic signatures using the ECDSA (Elliptic Curve Digital Signature Algorithm). The vulnerability exposes certain devices to side-channel attacks, though the risk remains relatively low because of the complexity of the exploit.
The issue stems from a weakness in the ECDSA implementation within Infineon’s cryptographic library, which could allow a sophisticated attacker to recover private keys. However, to execute such an attack, the adversary must have physical possession of the affected YubiKey, Security Key, or YubiHSM device, as well as specialized equipment to observe the cryptographic process. Additional credentials, such as a username, PIN, or password, might also be required, depending on the configuration.
The most notable impact of this vulnerability is on FIDO authentication use cases, where elliptic curve operations are a key component of secure authentication protocols. While other applications, such as YubiKey PIV and OpenPGP, could be affected, the risk is tied closely to the use of ECC (Elliptic Curve Cryptography) keys.
The vulnerability was responsibly disclosed to Yubico by Dr. Thomas Roche from NinjaLab in April 2024.
Yubico has identified the following products as vulnerable if they are running outdated firmware versions:
- YubiKey FIDO: The vulnerability impacts FIDO authentication and attestation processes. An attacker could potentially recover FIDO credentials or create fraudulent YubiKeys to bypass authentication controls.
- YubiKey PIV and OpenPGP: The vulnerability may allow an attacker to duplicate elliptic curve signing keys or produce valid attestation statements for keys made outside the YubiKey.
- YubiHSM 2: An attacker could potentially duplicate elliptic curve signing keys or produce valid attestation statements for keys made outside the YubiHSM 2.
Yubico has released firmware updates that address the CVE-2024-45678 vulnerability. Users are strongly urged to update their affected devices to the latest firmware versions:
- YubiKey 5 Series: Version 5.7.0 or newer
- Security Key Series: Version 5.7.0 or newer
- YubiHSM 2: Version 2.4.0 or newer
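As an added fleet-audit helper (not Yubico's code), the following Python classifies a device against the fixed firmware versions listed above. It assumes the `Device type:` and `Firmware version:` field labels of `ykman info` output, and it compares versions numerically so that a later minor release such as 5.10.0 is not mistaken for one older than 5.7.0.

```python
import re

# Minimum firmware carrying the fix for CVE-2024-45678, per product family (from the advisory).
FIXED_FIRMWARE = {
    "YubiKey 5 Series": (5, 7, 0),
    "Security Key Series": (5, 7, 0),
    "YubiHSM 2": (2, 4, 0),
}

def parse_version(text):
    """'5.4.3' -> (5, 4, 3); tuples compare numerically, so 5.10.0 > 5.7.0 (string compare gets this wrong)."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable firmware version: {text!r}")
    return tuple(int(p) for p in parts)

def product_family(device_type):
    """Map a device-type string such as 'YubiKey 5C NFC' to a family, or None if not covered here."""
    if device_type.startswith("YubiHSM 2"):
        return "YubiHSM 2"
    if device_type.startswith("Security Key"):
        return "Security Key Series"
    if device_type.startswith("YubiKey 5"):
        return "YubiKey 5 Series"
    return None

def is_vulnerable(device_type, firmware):
    """True below the fixed version, False at or above it, None for products needing manual review."""
    family = product_family(device_type)
    if family is None:
        return None
    return parse_version(firmware) < FIXED_FIRMWARE[family]

# Constructed sample in the shape of `ykman info` output (field labels are an assumption).
SAMPLE_YKMAN_INFO = """\
Device type: YubiKey 5 NFC
Serial number: 12345678
Firmware version: 5.4.3
"""

def audit_ykman_info(text):
    """Extract device type and firmware from ykman-style output; returns (device, firmware, vulnerable)."""
    device = re.search(r"^Device type:\s*(.+?)\s*$", text, re.M)
    fw = re.search(r"^Firmware version:\s*(.+?)\s*$", text, re.M)
    if not device or not fw:
        raise ValueError("missing 'Device type' or 'Firmware version' line")
    return device.group(1), fw.group(1), is_vulnerable(device.group(1), fw.group(1))
```

A `None` result flags a product the advisory's list does not name, which should be reviewed by hand rather than assumed safe.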
In addition to updating firmware, users can implement further mitigations depending on their specific use cases:
- YubiKey FIDO: Organizations can enhance security by requiring more frequent FIDO authentication and supplementing FIDO login with other credentials like YubiOTP or RSA attestation statements.
- YubiKey PIV and OpenPGP: Users can mitigate risks by using RSA signing keys and RSA attestation certificates, and requiring PINs for signing operations.
- YubiHSM 2: Users can mitigate by using RSA signing keys and RSA attestation certificates.