[ajsharp]

> Our work describes a side-channel attack that targets the Google Titan Security Key’s secure element (the NXP A700X chip) by the observation of its local electromagnetic radiations during ECDSA signatures (the core cryptographic operation of the FIDO U2F protocol). In other words, an attacker can create a clone of a legitimate Google Titan Security Key.

This is a wildly impressive vuln to discover. Cheers to these guys. Holy hell.

[duckfang]

Indeed it is impressive but not wildly so. Most consumer-ish hardware falls prey to all sorts of various TEMPEST attacks. You can even get started with a HackRF and some inductive loop antennas. It would set you back $130 or so on ebay.

From there, you would have to establish some sort of baseline - that would be the hard part. Once done, you're going to be dealing with amplitude based signals (2ASK primarily). The next step is to determine the frequency the device is running at, and tune to it or 2nd or 3rd harmonics.

From there, it's getting the signal out of the noise, and decoding it for the win.

I've done it a few times. Sorry, I don't have a CVE to my name.

[AlexCoventry]

> observation of its local electromagnetic radiations during ECDSA signatures

Is there any hardware which is invulnerable to this type of observation?

[zinekeller]

Physics-wise in an ideal world, no. But it is possible and should be designed (like using better shielding and improving tamper resistance) so that the released radiation is minimal to the point that it is indistinguishable from noise. These are actually very possible: radiation-hardened parts are hardend against out to in radiation but usually also blocks in to out EM radiation.