Researchers at NinjaLab have figured out how to clone a Google Titan 2FA key. It only requires a few easy steps:
- Steal the key for at least ten hours
- Use a scalpel and hot air gun to expose the NXP A700X chip.
- Connect chip to special hardware and software to analyze electromagnetic signatures
- Exploit side channel attack
- Take ten hours to extract a single key, 16 hours to clone two keys, or 22 hours for 3 keys. Time consuming!
- Have 12,000 USD+ in equipment, sophisticated software, and a background in electromagnetic engineering.
Since none of this is a simple walk in the park, only a very serious, well-resourced attacker, or more likely a nation state, could pull this off. Google said they weren't paying a bounty since the key had to be stolen, taken to a location to perform the sophisticated analysis, and swapped back before someone realized it was gone :) But you can read about the exploit here.
This could be of concern to diplomats, journalists and others who might be considered a high value target worth the effort.
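One thing a service can do about a cloned authenticator, shown here as an added example that is not part of the original post or of NinjaLab's work: check the FIDO U2F/WebAuthn signature counter. Every assertion carries a counter that the authenticator increments, the relying party stores the last value seen for each credential, and the WebAuthn spec treats a counter that fails to increase as a signal that the authenticator may have been cloned. The class, method and credential names below are hypothetical, and the scenario data is constructed.

```python
"""Clone detection via the FIDO U2F / WebAuthn signature counter.

Hypothetical relying-party bookkeeping (constructed example). The private key can be
copied from a stolen device, but the counter state in the original key keeps moving,
so once both the genuine key and the clone are used their counters collide.
"""
from dataclasses import dataclass


@dataclass
class CredentialRecord:
    credential_id: str
    last_sign_count: int = 0
    clone_suspected: bool = False


class RelyingParty:
    """Minimal counter bookkeeping for registered credentials (hypothetical API)."""

    def __init__(self):
        self.credentials = {}

    def register(self, credential_id, initial_sign_count=0):
        # Store the counter value observed at registration time.
        self.credentials[credential_id] = CredentialRecord(credential_id, initial_sign_count)

    def verify_assertion(self, credential_id, sign_count):
        """Return an outcome string for an assertion; signature checks are assumed done."""
        record = self.credentials.get(credential_id)
        if record is None:
            return "rejected-unknown-credential"
        # WebAuthn: both counters at zero means the authenticator does not implement a counter.
        if sign_count == 0 and record.last_sign_count == 0:
            return "accepted-no-counter"
        # A counter that does not strictly increase is the spec's clone signal.
        if sign_count <= record.last_sign_count:
            record.clone_suspected = True
            return "rejected-possible-clone"
        record.last_sign_count = sign_count
        return "accepted"


def simulate_clone_scenario():
    """Constructed scenario: key stolen and copied while its counter stood at 5."""
    rp = RelyingParty()
    rp.register("titan-cred-1", initial_sign_count=5)
    genuine_counter = 5
    clone_counter = 5  # the clone inherits the counter value at the time of copying
    outcomes = []
    for _ in range(2):
        genuine_counter += 1  # owner logs in with the returned key
        outcomes.append(rp.verify_assertion("titan-cred-1", genuine_counter))
        clone_counter += 1  # attacker logs in with the clone
        outcomes.append(rp.verify_assertion("titan-cred-1", clone_counter))
    return outcomes, rp.credentials["titan-cred-1"].clone_suspected


if __name__ == "__main__":
    print(simulate_clone_scenario())
```

The caveat is that the signal only fires once both copies have been used, and it flags the credential rather than telling you which device is the clone: if the attacker logs in first, it is the owner's next assertion that gets rejected. A rejected-possible-clone outcome is therefore a reason to revoke the credential and investigate, not proof about the device that presented it.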