Published: 2025-09
CVSS Severity: 4.8
In September 2024 the EUCLEAK vulnerability, which affected the iShield Key 1 series, was discovered; it was patched in October 2024. See Security Advisory SB-2024-01 (https://swissbit.com/security-advisory/sb-2024-01).
In July 2025, the German BSI brought to our attention that it's possible to recover the attestation private key from an unpatched iShield Key 1 device.
Since the attestation key has remained constant, a relying party cannot verify whether the attestation signature originated from an authentic iShield Key 1 device, regardless of the firmware version. An attacker could create a fraudulent iShield Key 1 which would produce a valid FIDO attestation signature during registration. Organizations that depend on the FIDO attestation to verify the authenticity of an iShield Key 1 should no longer trust the attestation signature of the iShield Key 1 with the following AAGUIDs:
- 931327dd-c89b-406c-a81e-ed7058ef36c6
- 5d629218-d3a5-11ed-afa1-0242ac120002
Affected products:
- iShield Key Pro
- iShield Key FIDO2
Affected part numbers:
- SNU20000D1PBAN0-E-XX-XXX-XXX
- SNU20000D1PBCN0-E-XX-XXX-XXX
All products in the iShield Key 1.1 and iShield Key 2 series are not affected:
- Swissbit iShield Key 1.1
- Swissbit iShield Key 1.1 FIPS
- Swissbit iShield Key 2
- Swissbit iShield Key 2 FIPS
- Swissbit iShield Key 2 Enterprise
- Swissbit iShield Key 2 FIPS Enterprise
Part numbers (not affected):
- PK2000IA0000E-1002-XXX-XXX
- PK2000IC0000E-2002-XXX-XXX
- PK2000IA0000E-2002-XXX-XXX
To determine whether your iShield Key 1 is affected:
1. Open the iShield Key Manager and connect your iShield Key 1.
2. Check the AAGUID field in the FIDO2 card. If it matches one of the following, your device is affected:
   931327ddc89b406ca81eed7058ef36c6
   5d629218d3a511edafa10242ac120002
A sophisticated attacker with specialized equipment can create a fraudulent iShield Key 1 device that is indistinguishable from a legitimate one.
FIDO attestation is used to prove to a relying party that a security key is of the make and model it claims to be. This is achieved using a shared attestation private key that signs the makeCredential (WebAuthn registration) response, which carries the device's AAGUID alongside the new credential.
To protect user privacy, the same attestation key is used across all devices of the same model. It is typically rotated after at least 100,000 units have been produced.
However, since the attestation key for iShield Key 1 devices was not rotated, even devices with firmware version 3.35.0 or later remain vulnerable.
Implication: Organizations that depend on the FIDO attestation to verify the authenticity of an iShield Key 1 should no longer trust the attestation signature of a newly registered iShield Key 1.
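The following is an added example of how a relying party can act on this advisory; it is not Swissbit's code. It parses the attested credential data of a WebAuthn registration response (the authenticator data bytes the relying party already receives during the ceremony), extracts the AAGUID, and refuses to treat the attestation as proof of make and model when the AAGUID is one of the two listed above. The sample authenticator data is constructed inline for offline testing, the trailing COSE key is a one-byte placeholder rather than a real key, and the AAGUID 12345678-1234-5678-1234-567812345678 is a hypothetical value used only to show the non-affected path.

```python
import hashlib
import struct
import uuid

# AAGUIDs the advisory lists as affected (iShield Key 1 family).
# uuid.UUID accepts both the dashed form from the advisory table and the
# undashed form shown by the iShield Key Manager.
AFFECTED_AAGUIDS = frozenset({
    uuid.UUID("931327dd-c89b-406c-a81e-ed7058ef36c6"),
    uuid.UUID("5d629218-d3a5-11ed-afa1-0242ac120002"),
})

FLAG_UP = 0x01  # user present
FLAG_AT = 0x40  # attested credential data included (set on registration)


def parse_attested_credential(auth_data: bytes) -> dict:
    """Parse the fixed-layout prefix of WebAuthn authenticator data.

    Layout: rpIdHash (32) | flags (1) | signCount (4, big-endian) and, when the
    AT flag is set, attestedCredentialData: aaguid (16) | credentialIdLength
    (2, big-endian) | credentialId | credentialPublicKey (COSE key, CBOR).
    The COSE key is returned as raw trailing bytes; it is not needed here.
    """
    if len(auth_data) < 37:
        raise ValueError("authenticator data shorter than 37 bytes")
    rp_id_hash = auth_data[:32]
    flags = auth_data[32]
    sign_count = struct.unpack(">I", auth_data[33:37])[0]
    if not flags & FLAG_AT:
        raise ValueError("AT flag clear: no attested credential data, not a registration")
    if len(auth_data) < 55:
        raise ValueError("attested credential data truncated")
    aaguid = uuid.UUID(bytes=auth_data[37:53])
    cred_id_len = struct.unpack(">H", auth_data[53:55])[0]
    cred_id = auth_data[55:55 + cred_id_len]
    if len(cred_id) != cred_id_len:
        raise ValueError("credential id truncated")
    return {
        "rp_id_hash": rp_id_hash,
        "flags": flags,
        "sign_count": sign_count,
        "aaguid": aaguid,
        "credential_id": cred_id,
        "cose_key": auth_data[55 + cred_id_len:],
    }


def attestation_is_trustworthy(auth_data: bytes) -> bool:
    """Registration-time policy hook: the attestation signature of a device
    with an affected AAGUID must not be taken as proof of authenticity."""
    parsed = parse_attested_credential(auth_data)
    return parsed["aaguid"] not in AFFECTED_AAGUIDS


def build_sample_auth_data(aaguid, rp_id: str = "example.com") -> bytes:
    """Constructed sample authenticator data for offline testing (not captured
    from a real device). The trailing byte stands in for the COSE public key."""
    aaguid = uuid.UUID(str(aaguid))  # accept str or uuid.UUID
    cred_id = bytes(range(16))
    placeholder_cose_key = b"\xa0"  # CBOR empty map, placeholder only
    return (
        hashlib.sha256(rp_id.encode()).digest()
        + bytes([FLAG_UP | FLAG_AT])
        + struct.pack(">I", 1)
        + aaguid.bytes
        + struct.pack(">H", len(cred_id))
        + cred_id
        + placeholder_cose_key
    )


if __name__ == "__main__":
    affected = build_sample_auth_data("931327dd-c89b-406c-a81e-ed7058ef36c6")
    other = build_sample_auth_data("12345678-1234-5678-1234-567812345678")  # hypothetical
    print("affected AAGUID trusted:", attestation_is_trustworthy(affected))  # False
    print("hypothetical AAGUID trusted:", attestation_is_trustworthy(other))  # True
```

This check supplements, rather than replaces, the normal verification of the attestation statement and its certificate chain: a signature from an affected AAGUID may verify correctly and still carry no assurance about the device, which is exactly the situation the advisory describes. Where the relying party's policy requires authentic hardware of a specific model, the registration should be rejected or flagged for a manual check; where attestation is not a requirement, the credential can still be accepted as a self-asserted one.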