In a successful attack scenario, a bad actor would steal a user’s login ID and password (through phishing or other means), then gain physical access to their token without their knowledge. They would then send authentication requests to the token while recording measurements on the side token. Once the device has been returned, they can then launch a side-channel attack to extract the Elliptic Curve Digital Signature Algorithm (ECDSA) linked to the account. This then gives them undetected access.
“Let us assume an attacker is able to steal your YubiKey, open it to access the logic board, apply the EUCLEAK attack and then re-package the original YubiKey in such a way that you do not realize that you lost it in the first place,” said Roche. “Then the attacker can build a clone of your authentication factor — a copy of your own YubiKey. You feel safe when you actually are not.”
The cryptographic flaw that allows this exists in a small microcontroller in the device, and impacts all YubiKeys and Security Keys running firmware earlier than version 5.7 (which was released in May). It also impacts YubiHSM 2 versions prior to 2.4.0 (rolled out just this week).