It’s been a year now that Google has launched a USB key and a Bluetooth security key to increase the level of security of its users when connecting to online services. These keys use the U2F protocol which ensures that a new authentication key is generated each time a service is connected.
This Wednesday, May 15, the firm reveals on its security blog that a security breach had been discovered on the Bluetooth version of the security keys Titan Low Energy (BLE) and proposes to replace the defective units
Google refers to a misconfiguration in Bluetooth pairing protocols that could allow an attacker physically close (10 meters) to communicate with the security key or with the device to which this key is connected.
The Mountain View firm, however, assures that “For the wrong configuration to be exploited, an attacker would have to align a series of events in close coordination”. The idea behind these explanations is to demonstrate that despite the existence of this security vulnerability, a malicious person should combine a certain number of parameters in order to take advantage of the said fault. In other words, it is unlikely that this flaw was exploited. On the other hand, it is indicated that to exploit this flaw, a malicious actor must also have the username and the password of the target.
Google is trying to reassure its users that “This security issue does not affect the primary purpose of security keys, which is to protect against phishing by a remote attacker,” said Google. Then, continue by saying “Security keys remain the most effective protection against phishing; It is always safer to use a key with this problem than to disable 2-step security-based authentication (2SV) on your Google Account or switch to a less phishing-resistant method (SMS or prompts sent to your device, for example). “The firm also insists that this issue does not affect its USB and NFC security keys, but only the Bluetooth Low Energy (BLE) version of its Titan security key.
To conclude, Google offers a replacement key for all holders of a defective unit with a small “T1” or “T2” brand on the back.