New side-channel attack can recover encryption keys from Google Titan security keys

From zdnet.com

Google Titan Security Keys

A duo of French security researchers has discovered a vulnerability impacting chips used inside Google Titan and YubiKey hardware security keys.

The vulnerability allows threat actors to recover the primary encryption key used by the hardware security key to generate cryptographic tokens for two-factor authentication (2FA) operations.

Read more…