Safety researchers from Ninjalab have developed a technique known as Eucleak which allows for the cloning of ECDSA keys stored in cryptographic tokens such as Yubikey 5 and other devices utilizing the cryptographic library from Infineon. This attack can be applied not only to Infineon Sle78 chips like Yubikey 5 but also to many other Infineon microcontrollers, including Infineon Optiga Trust M and Infineon Optiga tpm.
The feasibility of the attack has been demonstrated on Yubikey 5CI and TPM keys on SLB96xx chips, while theoretical possibilities exist for other devices. Yubikey 5 has addressed the vulnerability in firmware version 5.7 by updating the cryptographic library. Although corrections for the Infineon library vulnerability have been developed, they are awaiting certification. Apart from Yubikey 5, potential vulnerabilities extend to TPM chips from Lenovo, Dell, and HP, certain smartphones, hardware security tokens, SIM cards, EMV chips on bank cards, and electronic passport chips used in various countries.
The risk of key cloning is mitigated by the difficulty and conditions required to execute an attack. The attacker must physically access the key, disassemble it, remove the plastic case and protective shell, and then recreate the case using a 3D printer. While scanning the key takes minutes, the disassembly and reconstruction process can take up to an hour. Recreating the closed ECDSA key from scanned data involves approximately 24 hours of calculations, which could be reduced with automation and optimization.
For a successful attack on services with multifactor authentication, in addition to cloning the key, the attacker would need to obtain the login and password for the service where the hardware key is used for additional authentication. In cases where Fido2 Passwordless modes are in use, the attacker may need to replicate a unique biometric factor, such as a fingerprint.