https://community.isc2.org/t5/Threats/Side-Channel-Attack-on-Google-Titan-Security-Key/m-p/42368#M230 <P>Here is a <A href="https://ninjalab.io/wp-content/uploads/2021/01/a_side_journey_to_titan.pdf" target="_blank" rel="noopener">link</A> to the security research that describes how a Google Titan Security Key can be cloned. These hardware keys have been in use since about 2018. The side-channel attack&nbsp;targets the keys secure element (the NXP A700X chip) by observing local electromagnetic radiations&nbsp;during ECDSA signatures (the core cryptographic operation of the FIDO U2F protocol). From those observations an&nbsp;attacker can then clone a legitimate key.</P> Sun, 10 Jan 2021 15:47:17 GMT AppDefects 2021-01-10T15:47:17Z https://community.isc2.org/t5/Threats/Side-Channel-Attack-on-Google-Titan-Security-Key/m-p/42368#M230 <P>Here is a <A href="https://ninjalab.io/wp-content/uploads/2021/01/a_side_journey_to_titan.pdf" target="_blank" rel="noopener">link</A> to the security research that describes how a Google Titan Security Key can be cloned. These hardware keys have been in use since about 2018. The side-channel attack&nbsp;targets the keys secure element (the NXP A700X chip) by observing local electromagnetic radiations&nbsp;during ECDSA signatures (the core cryptographic operation of the FIDO U2F protocol). From those observations an&nbsp;attacker can then clone a legitimate key.</P> Sun, 10 Jan 2021 15:47:17 GMT https://community.isc2.org/t5/Threats/Side-Channel-Attack-on-Google-Titan-Security-Key/m-p/42368#M230 AppDefects 2021-01-10T15:47:17Z