Comment on YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel

<- View Parent
harsh3466@lemmy.ml ⁨2⁩ ⁨months⁩ ago

It’s due to a cryptographic library implementation in a controller used in the yubikey. It’s a third party controller, and this isn’t exclusive to yubikeys either, a shitload of other stuff uses the same controller and is likely vulnerable to the same attack.

Also, the attack requires around $10k worth of equipment and physical access to the yubikey, so while a valid attack vector, it’s also not something to get into a panic about.

source
Sort:hotnewtop