S&P2025

EUCLEAK Side-Channel Attack on the YubiKey 5 Series (Revealing and Breaking Infineon ECDSA Implementation on the Way)

Thomas Roche

Abstract

The present work unearths a side-channel vulnerability in the cryptographic library of Infineon Technologies, one of the most important secure element manufacturers. This vulnerability, which went unnoticed for 14 years and through about 80 highest-level Common Criteria certification evaluations, is due to a non-constant-time modular inversion. The attack requires physical access to the secure element (a few local electromagnetic side-channel acquisitions, i.e. a few minutes, are enough) in order to extract an ECDSA secret key. The attack is demonstrated on a FIDO hardware token from Yubico, where it allows a clone of the FIDO device to be created. Yubico acknowledged that all YubiKey 5 Series devices (with firmware version below 5.7) are impacted by the attack. Furthermore, strong arguments indicate that all Infineon security microcontrollers (including TPMs) that run the Infineon cryptographic library are vulnerable to the attack.
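The root cause named in the abstract is a modular inversion whose running time depends on its input. The example below is added here for illustration and is not code from the paper or from Infineon's library: it contrasts a textbook variable-time binary extended GCD inversion with a Fermat-style inversion driven by a fixed-length Montgomery ladder, and counts the arithmetic steps each one performs so the difference an observer could see is explicit. The prime, the sample inputs and the function names are constructed for this example; the only point is that the ladder's step count depends on the (public) modulus alone, while the binary GCD's step count depends on the (secret) value being inverted.

```python
# Added example (not from the paper): variable-time vs constant-time modular inversion.
# In ECDSA the value being inverted is the secret per-signature nonce, so any
# input-dependent control flow in the inversion is an observable side channel.

def inverse_binary_egcd(a, p):
    """Variable-time binary extended GCD inversion (HAC Algorithm 14.61 style).

    Returns (a^-1 mod p, number_of_steps). Each halving and each subtraction
    counts as one step. Both the number of steps and the sequence of branches
    depend on the value of `a`, which is the leakage class the abstract describes.
    """
    u, v = a, p
    x1, x2 = 1, 0
    steps = 0
    while u != 1 and v != 1:
        while u % 2 == 0:
            u //= 2
            x1 = x1 // 2 if x1 % 2 == 0 else (x1 + p) // 2
            steps += 1
        while v % 2 == 0:
            v //= 2
            x2 = x2 // 2 if x2 % 2 == 0 else (x2 + p) // 2
            steps += 1
        if u >= v:
            u, x1 = u - v, x1 - x2
        else:
            v, x2 = v - u, x2 - x1
        steps += 1
    return (x1 % p if u == 1 else x2 % p, steps)


def inverse_fermat_ladder(a, p):
    """Inversion via Fermat's little theorem, a^(p-2) mod p, using a Montgomery
    ladder of fixed length p.bit_length().

    Returns (a^-1 mod p, number_of_steps). The exponent p-2 is public, so the
    branch on its bits reveals nothing about `a`; every input performs exactly
    two multiplications per bit. (Python big-int multiplication is not itself
    constant-time; the demonstration is about the algorithm's control flow.)
    """
    e = p - 2
    r0, r1 = 1, a % p
    steps = 0
    for i in range(p.bit_length() - 1, -1, -1):
        if (e >> i) & 1 == 0:
            r1 = (r0 * r1) % p
            r0 = (r0 * r0) % p
        else:
            r0 = (r0 * r1) % p
            r1 = (r1 * r1) % p
        steps += 2
    return (r0, steps)


def op_count_profile(inv_fn, p, samples):
    """Return the set of distinct step counts observed over the sample inputs.

    A constant-time inversion yields a singleton set; a variable-time one does not.
    Every returned inverse is checked against a * inv == 1 (mod p) on the way.
    """
    counts = set()
    for a in samples:
        inv, steps = inv_fn(a, p)
        assert (a * inv) % p == 1, "inversion result is wrong"
        counts.add(steps)
    return counts


if __name__ == "__main__":
    # Constructed toy modulus (prime) and inputs; real ECDSA inverts mod the group order n.
    P = 1000003
    SAMPLES = [1, 2, 3, 12345, 999999]
    print("binary egcd step counts :", sorted(op_count_profile(inverse_binary_egcd, P, SAMPLES)))
    print("fermat ladder step counts:", sorted(op_count_profile(inverse_fermat_ladder, P, SAMPLES)))
```

Running the script prints several distinct step counts for the binary GCD and a single count for the ladder. The same kind of check, applied to an implementation under review by counting operations or measuring cycle-level timing across many inputs, is the simplest way to catch an input-dependent inversion before it ships in a secure element.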