The reputation of security keys has taken a battering in the last couple of months. Two manufacturers have had to recall their keys after insecure implementations put customers in danger. What does this mean for public perceptions of hardware security?
Manufacturer Yubico recalled its Yubikey FIPS-compliant security key last week after it found a problem with the cryptographic algorithm it used. The device, which is supposed to produce a set of random values to protect its secret information, was less random than the company thought. FIPS is a security standard for public sector organizations in the US.
Yubikey isn't the only company to have recalled its security keys recently. In May, Google had to recall the bluetooth version of its Titan security key. The problem lay with its Bluetooth Low Energy (BLE) functionality, which enabled users to wirelessly verify their key with their computer or mobile device.
The BLE implementation was insecure, allowing an attacker who was physically close to the security key to intercept the signal that it sent to the computer. They could then use that signal to impersonate the key's user and gain access to their account.
Google maintained that the attack was unlikely and that users were better off using the key than not. Nevertheless, it must have been sweet music for Yubico, which partnered with Google on the development of the U2F security standard it used and which had supplied the search giant with keys for an internal project to protect its employees' accounts. Yubico previously thumbed its nose at Google's decision to use bluetooth, arguing that it hadn't done so itself because the protocol wasn't secure enough.
Do these recalls mean security keys can't be trusted? Hardly. Implementation flaws are a common occurrence in software and hardware products alike, and we will no doubt see more. Nevertheless, as Google pointed out, you're still safer using a hardware key for two-factor authentication than you are relying on your password as a single factor. The sooner that the world can switch to hardware-based 2FA that goes beyond SMS or even two-step verification techniques, the better.