Titan Security Key

The Titan Security Key is a FIDO-compliment security token developed by Google which contains the Titan M cryptoprocessor which is also developed by Google. It was first released on October 15, 2019.[1]

Titan Security Key
Common manufacturersGoogle
Yubico
Design firmGoogle
IntroducedOctober 15, 2019
CostUS$30
ColorWhite

Depending on the features, the key costs $25-$35,[2] but Google has provided them for free to high-risk users.[3] It is considered a more secure form of multi-factor authentication to log in to first-party and third-party services and to enroll in Google's advanced protection program. In 2021, Google removed the Bluetooth model due to concerns about its security and reliability.[2]

Vulnerabilities

The Bluetooth models initially had a security bug that allowed anyone within 30 feet to make a clone of the key.[4] The security firm NinjaLab has been able to extract the key using a side channel attack.[5] In 2019, Google has put a bug bounty up to 1.5 million USD on the Titan chip.[6]

References
  1. "USB-C Titan Security Keys - available tomorrow in the US". Google Online Security Blog. Retrieved 2022-02-03.
  2. Clark, Mitchell (2021-08-09). "Google's new Titan security key lineup won't make you choose between USB-C and NFC". The Verge. Retrieved 2022-02-04.
  3. "Google to give security keys to 'high risk' users targeted by government hackers". TechCrunch. Retrieved 2021-10-09.
  4. "Google recalls some Titan security keys after finding Bluetooth vulnerability". Engadget. Retrieved 2022-02-03.
  5. Goodin, Dan (2021-01-08). "Hackers can clone Google Titan 2FA keys using a side channel in NXP chips". Ars Technica. Retrieved 2021-10-09.
  6. Porter, Jon (2019-11-21). "Google really wants you to hack the Pixel's Titan M security chip". The Verge. Retrieved 2021-10-09.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.