A Side Journey to Titan (V. Lomné)

The Google Titan Security Key is a FIDO U2F hardware device proposed by Google (available since July 2018) as a two-factor authentication token to sign in to applications (e.g. your Google account). This work describes a side-channel attack that targets the Google Titan Security Key’s secure element (the NXP A700X chip) by the observation of its local electromagnetic radiations during ECDSA signatures (the core cryptographic operation of the FIDO U2F protocol). In other words, an attacker can create a clone of a legitimate Google Titan Security Key.

Victor holds a master degree in cryptology and computer security from the university of Bordeaux, France, and a PhD degree in microelectronics from the university of Montpellier, France. He worked during 7 years as security expert in the hardware security team of the scientific division of ANSSI (French Cybersecurity Agency) in Paris, France. During these years he created and was responsible for the team lab, worked as penetration tester on a wide range of products, and was technical support for the ANSSI National Certification Center. He then came back to work as researcher at the LIRMM (laboratory of computer science, robotics and microelectronics of the university of Montpellier), before co-founding NinjaLab. Victor is also an active academic researcher in the fields of cryptology and hardware security, with publications, keynotes and program committee membership in top conferences like CHES, FDTC and COSADE.