Wired Wednesday: Breaking Bitcoin Hardware Wallets

in #bitcoin7 years ago (edited)

TL;DR

Tools and techniques used to "break" hardware wallets demystified ...


Your ideas about the security of your hardware wallet might be wrong!

  • "Why do I need to care worry about technical details 'n' stuff?!" you might ask.

  • "I've been down with crypto currency for over a decade!" you say.

  • "Crypto is secure!" you say.

  • "I'm a crypto legend!" you say.

OK OK! I get it; you know what you are doing!

This doesn't mean that despite your best efforts there aren't risks you've either avoided or somehow passed over which you might want to know about ...

Scenario A:

  • Thanks to ALL that Blogging, You are Targeted


AKA Rubber-Hose Cryptanalysis

Please see/use: Hide Your TREZOR Wallets with Multiple Passphrases

Scenario B:

  • First, You Learned the Value of Decentralization ...

(w1nn1ng!)

  • Then You Learned the Importance of Cold-Storage ...

(as opposed to leaving your capital with exchanges)

(w00t!)

  • Next, You Picked Up a Trezor or a Nano S w/o Looking Back ...

(Bravo!)

  • Whoops, LOST that Shit!

(D0h!)

  • Order a Replacement via Amazin Drone ...

(nice!)

  • Call Grandma and Get the Necessary Key(s) ...

(Visit Safety Deposit Box or Dig Up the Backyard etc.)

(WHEW!)

  • Reconfigure Hardware Wallet

(ahhhhh)

  • Continue Living the Dream

(YES sauce!)

What are Side-Channel Attacks?

Per Wikiedia:
"In cryptography, a side-channel attack is any attack based on information gained from the physical implementation of a cryptosystem, rather than brute force or theoretical weaknesses in the algorithms (compare cryptanalysis).

For example, timing information, power consumption, electromagnetic leaks or even sound can provide an extra source of information, which can be exploited to break the system.

Some side-channel attacks require technical knowledge of the internal operation of the system on which the cryptography is implemented, although others such as differential power analysis are effective as black-box attacks."

Common classes of side channel attacks include:

  • Cache Attack
  • Timing Attack
  • Power-Monitoring Attack
  • Electromagnetic Attack
  • Acoustic Cryptanalysis
  • Differential Fault Analysis
  • Data Remanence
  • Software-Initiated Fault Attacks
  • Optical

Intro to Side-Channel Analysis Course


RSA Power Analysis Side-Channel Attack

Demonstration Against RSA (MUST watch. Reality happens @ 9:00)

Side-Channel Analysis Hardware Buying Guide

Breaking Bitcoin Board
@ DIY
If you aren't into soldering, a local shop ought be able to help you out.

bbb.png

ChipWhisperer-Lite (CW1173) Basic Board
@ $250.00 USD
If you love to solder or just on a budget, go for this is the entry level option from Mr. O'Flynn.

ChipWhisperer-Lite (CW1173) Two-Part Version
@ $325.00 USD
If you'd rather not solder (just how many more hours do you need to work to cover the additional $75?) and just "get to it", this step above the entry level option is a good balance of bang for the buck.

Side-Channel & Glitching Starter Pack (Level 1)
@ $550.00 USD
If you expect to be performing this type of research regularly, you might want to consider this package with a helpful few extras. The extras are available individually also so, you are free to build your test lab as you grow.

SAKURA-X
@ ¥ 370,000 (Roughly $3,500 USD!)
If you've secured Gov't funding, this might be up your ally!

Reference

Breaking Bitcoin Hardware Wallets @ DC25
Bitcoin hardware wallets security

Here's some other posts you might be interested in:

Steemit's Easiest Anonymous VPS Setup Guide
Steemit's Easiest Personal Setup Guide
Steemit's Easiest Witness Setup Guide
Steemit's Easiest EOS Setup Guide

If this helped you out, follow tip me @cayce

Sort:  

The 2nd video is really briliant. I want to write posts like he does the video explanation.

So to summarize. Keep your HW in a safe ;-) And once a week or month transfer some little amount to some USB key or smartcard you can take with you. Just like with a bank account but then you have mutliple accounts, one for savings (secure in vault) and for spending, you send it each week to that one.

Yea, that guy is fuckin' great eh!?

So to summarize. Keep your HW in a safe

To summarize I might say: whether it's an exchange or a daily-carry hardware wallet, "Don't keep ALL the eggs in one basket." From talking with a few users and seeing responses to HWs online, I believe that many users feel they are a "silver bullet". The greater the attack surface, the greater the risk.

Fundamental understanding of crypto keys and how digital signing works is key to any solution. The other factor which you have alluded to that can greatly increase likelihood of success is operations/process management.

I figured yesterday that as soon as you noticed your HW wallet is stolen transfer the funds so the secret key they'll find will be worthless to them. Not sure how long it takes them.. ?

The guy is funny! Admitting his mistakes and all LOL!

@cayce this is awesome and insightful info thankss!!! I think simply awareness of threats is crucial part of just participating in the new industry.

This.... is totally not for N00bs to understand at this point of time.... I am already fainting, I need to read this again to digest it better. Probably without the gifs making my head spin.
So let me try to grasp it in a n00b's point of view.
It is safer to make your own hardware wallet than to buy it off from 3rd party production?
Yet I have this saying that I have learned (to be less stressed)

Nothing physical on Earth last forever.
resteemed

It is safer to make your own hardware wallet than to buy it off from 3rd party production?

If you intend to use COTS products, the same scenario will likely be present.

For the same reason most do not walk around with more cash they can spend in a day, don't do the equivalent with a HW!

Congratulations @cayce! You received a personal award!

Happy Birthday! - You are on the Steem blockchain for 2 years!

You can view your badges on your Steem Board and compare to others on the Steem Ranking

Do not miss the last post from @steemitboard:

SteemitBoard - Witness Update
Do not miss the coming Rocky Mountain Steem Meetup and get a new community badge!
Vote for @Steemitboard as a witness to get one more award and increased upvotes!

Coin Marketplace

STEEM 0.21
TRX 0.25
JST 0.038
BTC 98320.57
ETH 3439.18
USDT 1.00
SBD 3.12