Is it possible for an infected endpoint to steal private keys from a FIDO U2F Hardware Token / Yubikey? What attacks exist against these hardware tokens? What mitigations are possible? For the scope of this question it's limited to U2F Keys, some Yubikeys allow you to store SSH and GPG Keys those are outside the scope of this question.
Asked
Active
Viewed 241 times
1 Answers
4
No, this is not possible. Secrets can't be extracted from Yubikey tokens once they've been written. U2F keys don't even allow the secret to be written.
AndrolGenhald
- 15,436
- 5
- 45
- 50