According to a recently published research paper, Google's Titan two-factor security keys are vulnerable to an attack that ultimately allows a key to be duplicated or cloned. The attack relies on a side-channel vulnerability in the chip that drives the 2FA key itself, and it requires the victim's credentials, physical access to the key, complete disassembly of it, hours of work and an estimated thousands of dollars in equipment to reconstruct the cryptographic key, and even then the U2F standard's counter mechanism will eventually catch the clone. In short: most of our readers don't have much to worry about.
Full details are available in the 60-page PDF published by the Ninjalab researchers, but the root problem lies in Google's use of the NXP A700X chip in the security keys, which stores the private key used to sign authentication challenges, in other words the secret bits in the two-factor key that prove it is yours when you use it. The chip itself does not give up the key directly, but a so-called side-channel attack can extract it indirectly through observation: the researchers exercise the key repeatedly, record the electromagnetic emissions of the secure element while it signs, and from those measurements recover the private key stored inside it.
From that, an attacker can build a working hardware copy, something the FIDO U2F protocol is supposed to make impossible. Reportedly, thousands of dollars of equipment are needed to do so, and the attacker also needs your credentials in addition to the hardware key, which must be disassembled and observed over a considerable amount of time. It took the researchers about ten hours between disassembly, observation and reassembly, though they suggest that time could shrink as the attack is refined.
Other hardware keys from companies like Feitian and Yubico that use the same chip may also be vulnerable to this attack. These include the popular but discontinued YubiKey NEO. NXP and Yubico are both aware of the researchers' findings, according to statements made to Ars Technica, and neither disputes the details of the vulnerability. The full list of affected devices noted by the researchers is below:
- Google Titan Security Key (all versions)
- Yubico Yubikey Neo
- Feitian FIDO NFC USB-A / K9
- Feitian MultiPass FIDO / K13
- Feitian ePass FIDO USB-C / K21
- Feitian FIDO NFC USB-C / K40
- NXP J3D081_M59_DF and variant
- NXP J3A081 and variant
- NXP J2E081_M64 and variant
- NXP J3D145_M59 and variant
- NXP J3D081_M59 and variant
- NXP J3E145_M64 and variant
- NXP J3E081_M64_DF and variant
Many security standards already treat loss of physical possession as an immediate loss of security, and a two-factor key can easily be revoked if you know you have lost it. The trouble is that the window for this attack is short enough that it can be completed before you notice the key has been taken and swapped back. Importantly, though, the U2F standard also means this kind of attack should only work for a limited time. Every authentication response carries a signature counter that the key increments each time it is used with a service, and sooner or later the counters of the genuine key and the clone will diverge. Services that follow the U2F standard will detect a counter that fails to increase and can invalidate the registration, locking out both keys, and Google tells Ars that its services do meet the standard.
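The counter check described above, simulated end to end as an added example (this is not Ninjalab's, Google's or any vendor's code). It models a genuine authenticator, a clone built from an extracted secret, and a relying party that stores the last counter it saw. The signature is a stand-in: a real U2F key signs with ECDSA and the service verifies with the registered public key, whereas this example uses HMAC-SHA256 over a simplified message so it runs with the standard library alone. The 4-byte big-endian counter matches the U2F raw message format; everything else about the message layout is simplified.

```python
"""Simulated U2F relying-party signature-counter check (added example)."""
import hashlib
import hmac
import os
from dataclasses import dataclass, field


class Authenticator:
    """A security key: holds a secret and a monotonically increasing counter."""

    def __init__(self, secret: bytes, counter: int = 0):
        self.secret = secret
        self.counter = counter

    def sign(self, app_id: bytes, challenge: bytes):
        # U2F keys bump the counter on every signature; it is 4 bytes big-endian.
        self.counter += 1
        msg = app_id + self.counter.to_bytes(4, "big") + challenge
        # HMAC stands in for the ECDSA signature a real key would produce.
        return self.counter, hmac.new(self.secret, msg, hashlib.sha256).digest()

    def clone(self) -> "Authenticator":
        # The attacker's hardware copy: same secret, counter frozen at the
        # value it had when the key was extracted.
        return Authenticator(self.secret, self.counter)


@dataclass
class RelyingParty:
    """Service side: remembers each user's key and the last counter it saw."""

    app_id: bytes
    registrations: dict = field(default_factory=dict)  # user -> [secret, last_counter]

    def register(self, user: str, secret: bytes) -> None:
        self.registrations[user] = [secret, 0]

    def authenticate(self, user: str, key: Authenticator) -> str:
        if user not in self.registrations:
            return "no_registration"
        secret, last_counter = self.registrations[user]
        challenge = os.urandom(32)
        counter, sig = key.sign(self.app_id, challenge)
        expected = hmac.new(
            secret, self.app_id + counter.to_bytes(4, "big") + challenge, hashlib.sha256
        ).digest()
        if not hmac.compare_digest(sig, expected):
            return "bad_signature"
        if counter <= last_counter:
            # The counter must strictly increase. A repeat or a decrease means
            # a second device is signing with the same key: treat it as a clone
            # and drop the registration so neither device works any more.
            del self.registrations[user]
            return "clone_detected"
        self.registrations[user][1] = counter
        return "ok"


def scenario() -> list:
    """Victim logs in, attacker clones the key, both then try to use it."""
    rp = RelyingParty(app_id=b"https://example.test")  # hypothetical service
    genuine = Authenticator(os.urandom(32))
    rp.register("alice", genuine.secret)
    results = [rp.authenticate("alice", genuine)]   # ok: counter 1
    cloned = genuine.clone()                        # attacker extracts the secret now
    results.append(rp.authenticate("alice", cloned))  # ok: counter 2, clone works while the victim is idle
    results.append(rp.authenticate("alice", genuine))  # genuine key presents 2 again -> clone_detected
    results.append(rp.authenticate("alice", cloned))   # registration gone: both keys locked out
    return results


if __name__ == "__main__":
    print(scenario())
```

The second call is the attack window the article describes: the clone authenticates successfully because the service has only seen counter 1. The moment the genuine key is used again its counter collides with the value the clone already spent, and the service revokes the registration. A service that ignores the counter never reaches that third result, which is why Google's statement that its services implement the check matters.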
Google's vulnerability reward programs don't offer much for physical attacks like this, either. Although the policy for its Google Play program is listed, it does not appear that other apps are covered.
It remains to be seen how Google or NXP intend to address this issue in the long run, both for keys that are already in the wild and for mitigating or closing off the attack vector in future hardware. (Perhaps better shielding in the body of the key? Or obscuring the key's internal operations in future firmware to frustrate electromagnetic analysis?)
Also note that this is not the same "Titan" chip Google uses in its other security products, such as the Titan M in its Pixel phones. Although the company likes to throw the name around wherever security is concerned, it has no real meaning or consistency when it comes to actual hardware.
This is not the first time Google has had trouble with the Titan security keys. The original Bluetooth Titan key also had a flaw that led to free replacements being issued. But as long as someone does not actually have access to your key (and your account credentials), this new vulnerability is unlikely to be a problem for most of our readers, and you are still far better off with a 2FA key than without one, or than relying on SIM-swap-vulnerable SMS-based 2FA. People who may be the target of a direct attack, however, might consider switching keys.
- Source: Ninjalab (direct download warning)