A flaw in Infineonโs security microcontrollers made it possible to extract secret keys using a lab setup that cost just $11,000. ๐๐๐๐ป๐จโ๐ป
A few months ago, security researcher Thomas Roche presented his fundamental research on secure elements used in the YubiKey 5. The security element is the Infineon SLE78, which contains a proprietary implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA).
Using side-channel attacks and a great deal of smart research, the author discovered a vulnerability in Infineon Technologies' cryptographic library and, as a result, was able to extract the ECDSA secret key from the secure element. The cost of the setup was โฌ10,000, including the laptop.
Let me quote the author: "...in fact, all Infineon security microcontrollers (including TPMs) that run the Infineon cryptographic library (as far as we know, any existing version) are vulnerable to the attack."
Infineon is one of the most popular manufacturers of secure elements across many industries, including:
๐ฎ Automotive - used for SecOC and V2X key storage
๐ฎ Medical - used for secure communication, device pairing, and patient data storage
๐ฎ OT (Operational Technology) - used to ensure secure data transmission and device authentication
๐ฎ Avionics - used to ensure firmware integrity, protect IFEC systems, and enable secure communication with ground systems
...and more.
Please stay safe and share this with your peers responsible for security and safety. It's important for them to be informed.
More details:
Side-Channel Attack on the YubiKey 5 Series [PDF]: https://ninjalab.io/wp-content/uploads/2024/09/20240903_eucleak.pdf
This is good to know. The hardware is only as good as the code that runs it.