floofloof@lemmy.ca to Technology@beehaw.orgEnglish · 4 months agoYubiKeys are vulnerable to cloning attacks thanks to newly discovered side channelarstechnica.comexternal-linkmessage-square21fedilinkarrow-up186arrow-down10cross-posted to: yubikey@lemmy.cahardware@lemmy.world
arrow-up186arrow-down1external-linkYubiKeys are vulnerable to cloning attacks thanks to newly discovered side channelarstechnica.comfloofloof@lemmy.ca to Technology@beehaw.orgEnglish · 4 months agomessage-square21fedilinkcross-posted to: yubikey@lemmy.cahardware@lemmy.world
minus-squareBCsven@lemmy.calinkfedilinkarrow-up12·4 months agoTotally a non issue unless a government arrested somebody with the intent to gain their key because : "The attacks require about $11,000 worth of equipment and a sophisticated understanding of electrical and cryptographic engineering. "
minus-squareBitrot@lemmy.sdf.orglinkfedilinkEnglisharrow-up3·4 months agoIf they arrest someone to gain access to their key, they don’t need this attack to use their key. They can just use their key.
minus-squareBCsven@lemmy.calinkfedilinkarrow-up1·4 months agoSorry I was thinking of when you have yubikey setup with PIN code for access. But yeah, I guess the attack vector is clandestine theft and replace.
Totally a non issue unless a government arrested somebody with the intent to gain their key because : "The attacks require about $11,000 worth of equipment and a sophisticated understanding of electrical and cryptographic engineering. "
If they arrest someone to gain access to their key, they don’t need this attack to use their key. They can just use their key.
Sorry I was thinking of when you have yubikey setup with PIN code for access. But yeah, I guess the attack vector is clandestine theft and replace.