![]() The method was validated in the summer of 2020 and it was reported to Google and Dutch-American semiconductor manufacturer NXP in early October. They conducted experiments on the Google Titan Security Key’s secure element, namely the NXP A700X chip, and Rhea, an NXP J3D081 Java Card that is freely available on the web and which uses the same cryptographic library. ![]() They are recommended for securing very important accounts as they make it very difficult for attackers to access the targeted user’s account even if they have phished their credentials and compromised their mobile phone, which is often used as part of the multi-factor authentication process.Ī new attack method against such devices was described by researchers from NinjaLab, a France-based company that specializes in the security of cryptographic implementations. Security key devices are considered highly efficient when it comes to protecting accounts against takeover attempts and, unlike other types of two-factor authentication (2FA) systems, they are much more difficult to compromise. Researchers have found a way to clone Google’s Titan Security Keys through a side-channel attack, but conducting an attack requires physical access to a device for several hours, as well as technical skills, custom software, and relatively expensive equipment.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |