Bitcoin - Hack a Hardware Wallet

Using a hardware wallet significantly increases the security of your bitcoins. Hardware wallets are not invulnerable, however: they remain exposed to several classes of attack, physical ones in particular.

Bitcoin Wallet

The role of a wallet is to generate public/private key pairs:

-The public key is used to receive bitcoins (“bitcoin addresses” are encodings of public keys).

-The private key (mathematically linked to its corresponding public key) is used to sign a transaction. The wallet then propagates the signed transaction to the miners, who write it permanently into a block.

These are the two main functions of the wallet: generating/storing private keys and signing transactions.

Today, almost all wallets are “HD”, for Hierarchical Deterministic (BIP32). An HD wallet derives a practically unlimited number of key pairs from a single seed, itself encoded as the famous 12 or 24 words (BIP39); BIP44 standardizes the derivation paths used for Bitcoin accounts.

Beyond this common architecture, we distinguish the traditional software wallet, installed on your PC or smartphone, from the hardware wallet, which performs the same functions but under much stronger guarantees for the private keys.

The first are simpler, since a single program is enough, but they are vulnerable to malware. As Ledger recalled on its blog last year, spyware such as Pegasus is capable of exfiltrating SMS, encrypted Signal messages, phone calls, and so on.

Several malware families have been developed specifically to empty wallets, notably KPOT and ElectroRAT. They capture the wallet password as it is typed on the keyboard, decrypt the wallet’s configuration data and exfiltrate the seed from which all the private keys are derived.

The second type of wallet is a small device, usually the size of a large USB stick, used together with a companion wallet application on the PC. The application builds the transaction and the device signs it, so the seed never leaves the device and never touches a potentially infected PC.

However, a Bitcoin hardware wallet remains vulnerable to physical attacks once an attacker has the device in hand.

Inside a Bitcoin hardware wallet

At the heart of a hardware wallet is a microelectronic chip (or microcontroller): essentially a silicon die of a few square millimeters on which millions of transistors are etched. These transistors are interconnected by microscopic conductive tracks to form the logic gates through which the electrons flow.

Further interconnection layers are stacked on top to assemble the logic gates into more complex functions: microprocessor or microcontroller core, memories, and so on.

The insides of chips may be microscopic labyrinths, but it is still possible to disrupt them during operation, sometimes surgically, to extract information.

Ledger’s security lab, the Donjon, specializes in this. Its team also recently took on competitor Trezor’s devices.

Note, however, that Ledger’s attack is defeated if the user has set a BIP39 passphrase: the seed extracted from the chip is then insufficient on its own. In addition, Trezor will soon have an open source Secure Element (SE) designed by Tropic Square. In the meantime, its latest model, the Trezor Safe unveiled in October, already contains a Secure Element, though not an open source one.
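To make the two points above concrete (how the 12 or 24 words become the keys, and why a passphrase blunts a seed-extraction attack), here is an added example, not code from the article, Ledger or Trezor. It implements BIP39 mnemonic-to-seed, the BIP32 master key and hardened child derivation along the BIP44 prefix m/44'/0'/0' with the Python standard library only. The mnemonic is the public BIP39 test vector (all-zero entropy), and the passphrase values are arbitrary.

```python
"""Added example (not code from the article, Ledger or Trezor): how an HD wallet
turns the 12/24-word mnemonic into a seed and a master key (BIP39 + BIP32), and
why a BIP39 passphrase makes a seed extracted from the chip insufficient on its
own. Standard library only. The mnemonic below is the public BIP39 test vector
(all-zero entropy), not a real wallet."""
import hashlib
import hmac
import unicodedata

# Order of the secp256k1 group; child-key scalars are reduced modulo it (BIP32).
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000

# Public BIP39 test vector: 128 zero bits of entropy encode as eleven "abandon" plus "about".
TEST_MNEMONIC = "abandon " * 11 + "about"


def _nfkd(text):
    return unicodedata.normalize("NFKD", text)


def mnemonic_to_seed(mnemonic, passphrase=""):
    """BIP39: seed = PBKDF2-HMAC-SHA512(password=mnemonic, salt="mnemonic"+passphrase,
    2048 rounds, 64 bytes). The passphrase is part of the salt, so a different
    passphrase yields an unrelated seed, and every key derived from it."""
    return hashlib.pbkdf2_hmac(
        "sha512",
        _nfkd(mnemonic).encode("utf-8"),
        ("mnemonic" + _nfkd(passphrase)).encode("utf-8"),
        2048,
        dklen=64,
    )


def master_key(seed):
    """BIP32: I = HMAC-SHA512(key="Bitcoin seed", data=seed);
    left half = master private key, right half = chain code."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    k = int.from_bytes(digest[:32], "big")
    if k == 0 or k >= SECP256K1_N:  # BIP32 declares such a seed invalid (probability ~2^-128)
        raise ValueError("invalid master key for this seed")
    return k, digest[32:]


def derive_hardened(parent_key, chain_code, index):
    """BIP32 hardened child (index >= 2^31). It hashes the parent *private* key, so no
    elliptic-curve point arithmetic is needed; normal (non-hardened) children would need it."""
    if index < HARDENED:
        raise ValueError("only hardened derivation is implemented in this example")
    data = b"\x00" + parent_key.to_bytes(32, "big") + index.to_bytes(4, "big")
    digest = hmac.new(chain_code, data, hashlib.sha512).digest()
    il = int.from_bytes(digest[:32], "big")
    child = (il + parent_key) % SECP256K1_N
    if il >= SECP256K1_N or child == 0:  # BIP32: this index is invalid, use the next one
        raise ValueError("invalid child key, use the next index")
    return child, digest[32:]


def account_key(mnemonic, passphrase=""):
    """Walk the BIP44 hardened prefix m/44'/0'/0' (purpose / Bitcoin / first account)
    and return the account-level private key as an integer."""
    k, c = master_key(mnemonic_to_seed(mnemonic, passphrase))
    for idx in (44, 0, 0):
        k, c = derive_hardened(k, c, HARDENED + idx)
    return k


if __name__ == "__main__":
    print("seed (passphrase 'TREZOR'):", mnemonic_to_seed(TEST_MNEMONIC, "TREZOR").hex())
    print("m/44'/0'/0' without passphrase: %064x" % account_key(TEST_MNEMONIC))
    print("m/44'/0'/0' with passphrase:    %064x" % account_key(TEST_MNEMONIC, "correct horse"))
```

Change the passphrase argument and every derived key changes completely. A device that stores the mnemonic (or its entropy) but never the passphrase therefore gives an attacker who dumps its memory only half of what is needed, which is the point made above.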

However, the problem is very real. Many attack techniques are well documented and within reach of more and more people; some physical attacks have even become very inexpensive.

Many techniques are in fact repurposed tools and methods from the field of failure analysis. For example, space-industry engineers inject faults into their circuits with lasers to test their resistance to cosmic radiation.

Preparation techniques (decapsulating packages, removing a chip’s technological layers, etc.) and imaging (thermal, X-ray, etc.) are likewise used to attack electronic chips.

In short, extracting the seed from a Bitcoin hardware wallet ranges from fairly easy to extremely hard. What makes the difference is largely whether the circuit is a Secure Element or a general-purpose microcontroller.

Physical attacks

The first type is the side-channel attack, described in the latest issue of MISC, the offensive and defensive cybersecurity magazine.

Its goal is the analysis of physical properties of the circuit such as its power consumption, its electromagnetic emissions, its computation times, and so on: a measurable physical quantity that is directly correlated with the information the attacker seeks to extract.

These attacks are called non-invasive: the attacker only observes the circuit while it operates, its power consumption for example. After enough measurements, statistical tools make it possible to reconstruct the information sought, typically a PIN or a cryptographic key.

Demonstration in this video produced by Ledger: Side-channel attacks | Enter the Donjon.
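The statistical step described above, correlating a leakage model with measured traces, is easy to see on synthetic data. The following is an added example, not code from the article or from Ledger: it simulates power traces of an AES first-round S-box lookup S[p ^ k] on one key byte (the standard teaching target for correlation power analysis; the article does not say which operation a given wallet leaks), models each sample as the Hamming weight of the S-box output plus Gaussian noise, and then recovers the key byte by Pearson correlation over all 256 guesses. Everything is constructed in the script; no hardware or third-party library is involved.

```python
"""Added example (not from the article or from Ledger): correlation power analysis
(CPA) on simulated traces. Target: first-round AES S-box output S[p ^ k] for one key
byte. Leakage model: Hamming weight of that byte plus Gaussian noise. Standard
library only; all 'measurements' are constructed here."""
import random


def aes_sbox():
    """Build the AES S-box (GF(2^8) inverse followed by the affine map) instead of
    pasting the 256-entry table; S[0]=0x63, S[1]=0x7c, S[0x53]=0xed."""
    def rotl8(x, s):
        return ((x << s) | (x >> (8 - s))) & 0xFF
    sbox = [0] * 256
    p = q = 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF   # p = p * 3 in GF(2^8)
        q ^= (q << 1) & 0xFF                                      # q = q / 3 in GF(2^8)
        q ^= (q << 2) & 0xFF
        q ^= (q << 4) & 0xFF
        if q & 0x80:
            q ^= 0x09
        sbox[p] = q ^ rotl8(q, 1) ^ rotl8(q, 2) ^ rotl8(q, 3) ^ rotl8(q, 4) ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63
    return sbox


SBOX = aes_sbox()
HW = [bin(i).count("1") for i in range(256)]   # Hamming weight of each byte value


def simulate_traces(key_byte, n_traces, noise_sigma, rng):
    """Constructed 'oscilloscope' data: for each random plaintext byte, one sample
    equal to HW(S[p ^ key]) plus Gaussian noise. Returns (plaintexts, samples)."""
    plaintexts = [rng.randrange(256) for _ in range(n_traces)]
    samples = [HW[SBOX[p ^ key_byte]] + rng.gauss(0.0, noise_sigma) for p in plaintexts]
    return plaintexts, samples


def pearson(xs, ys):
    """Pearson correlation coefficient of two equally long sequences."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / (vx * vy) ** 0.5 if vx and vy else 0.0


def cpa_recover_key_byte(plaintexts, samples):
    """For each of the 256 key guesses, predict the leakage HW(S[p ^ guess]) for every
    trace and correlate it with the measured samples. Only the right guess predicts a
    value that actually tracks the measurements, so its |correlation| stands out."""
    scores = []
    for guess in range(256):
        predicted = [HW[SBOX[p ^ guess]] for p in plaintexts]
        scores.append(abs(pearson(predicted, samples)))
    best = max(range(256), key=scores.__getitem__)
    return best, scores


def demo(seed=2024, secret=0x2B, n_traces=500, noise_sigma=2.0):
    """Simulate an attack run with a fixed RNG seed; returns (recovered_guess, scores)."""
    rng = random.Random(seed)
    pts, smp = simulate_traces(secret, n_traces, noise_sigma, rng)
    return cpa_recover_key_byte(pts, smp)


if __name__ == "__main__":
    guess, scores = demo()
    top = sorted(range(256), key=scores.__getitem__, reverse=True)[:3]
    print("recovered key byte 0x%02x; top-3 guesses:" % guess,
          ["0x%02x r=%.2f" % (g, scores[g]) for g in top])
```

With the Hamming-weight variance of about 2 and a noise standard deviation of 2, the correct guess correlates at roughly 0.58 while wrong guesses hover near zero, so 500 traces are plenty. Lower the noise or raise the trace count to see how the margin changes; countermeasures such as masking aim to destroy exactly this correlation.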

A second category concerns more invasive attacks, called fault injection, which physically perturb the circuit. The principle of a fault attack is to introduce computation errors while the circuit is running.

The objective is to alter the circuit’s behaviour in order to extract information or to authorize an operation that is normally prohibited. A whole anthology of fault attacks exists:

“Power glitch”: cutting the circuit’s power supply to interrupt a processing step. Interrupting a Flash memory write can corrupt the data being written and cause errors which, the next time the memory is powered on, open the way to a logical attack.

Demonstration by Ledger: Power glitch attacks | Enter the Donjon

“Voltage glitch”: a momentary drop in the circuit’s supply voltage. Inexpensive, this technique requires little more than a transistor and a pulse generator.

“Clock glitch”: a brief perturbation of the processor clock, typically one cycle far shorter than the logic can complete (extreme overclocking), so that an instruction is skipped or mis-executed. This method is as easy as the voltage glitch, but also easy to counter: a chip clocked from an internal oscillator does not take its clock from the outside.

“Electromagnetic fault injection”: emission of a powerful electromagnetic pulse from a small coil or antenna placed near the chip. The pulse induces currents in the circuit’s tracks that flip the values of logic signals (0 or 1).

“Laser fault injection”: the silicon is illuminated with a powerful, focused laser. The light generates unwanted currents in the transistors through the photoelectric effect. The silicon die has to be exposed first, which means opening the package.

The laser attack has the advantage of being very surgical, since it targets small groups of transistors directly. It gives the best results, but it is more expensive and more complex to perform.

Demonstration by Ledger: Laser fault attacks | Enter the Donjon.
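Whatever the physical vector (voltage, clock, EM or laser), the effect the attacker is after is usually the same: one instruction skipped or one result corrupted at the right moment, so that the firmware “authorizes an operation normally prohibited”, such as accepting a wrong PIN. The following is an added example, not code from the article or from any vendor firmware: a tiny model in which a “glitcher” skips the N-th guarded step of a PIN check, tried for every N against a naive check and against a hardened one that uses redundant comparisons, non-trivial sentinel values and a final cross-check. The step model (a skipped step yields None, standing in for a stale or garbage register) and the sentinel constants are illustrative assumptions.

```python
"""Added example (not from the article or any vendor firmware): simulated
instruction-skip faults against a PIN check. A glitch can make the core skip or
corrupt one instruction; here a Glitcher skips guarded step number `skip_at`
(the step returns None, standing in for a stale/garbage register) and we try
every possible single skip against a naive and a hardened check."""

# Sentinels that are bitwise complements of each other and far from 0, 1 and
# 0xFFFF, so a corrupted register is unlikely to land on "OK" by accident.
PIN_OK, PIN_BAD = 0x5A3C, 0xA5C3


class Glitcher:
    """Counts guarded steps; the step numbered `skip_at` is not executed.
    skip_at=None means no fault is injected."""
    def __init__(self, skip_at=None):
        self.skip_at = skip_at
        self.count = 0

    def step(self, fn):
        self.count += 1
        if self.count == self.skip_at:
            return None          # skipped instruction: its result never materialises
        return fn()


def naive_check(g, entered, stored):
    """Typical vulnerable shape: one compare, one branch on a 'mismatch' flag.
    If either step is skipped, `not None` is True and the device unlocks."""
    mismatch = g.step(lambda: entered != stored)
    if not g.step(lambda: mismatch):
        return True              # unlocked
    return False


def hardened_check(g, entered, stored):
    """Countermeasures: two independent compares, sentinel results instead of
    booleans, a cross-check of both results, and a final positive test for PIN_OK.
    Any single skipped step leaves a None behind and the function fails closed."""
    r1 = g.step(lambda: PIN_OK if entered == stored else PIN_BAD)
    r2 = g.step(lambda: PIN_OK if entered == stored else PIN_BAD)
    if g.step(lambda: r1 != PIN_OK):
        return False
    if g.step(lambda: r2 != PIN_OK):
        return False
    if g.step(lambda: r1 != r2):          # catches one corrupted result
        return False
    return g.step(lambda: r1 == PIN_OK and r2 == PIN_OK) is True


def find_bypasses(check, entered, stored, max_steps=10):
    """Inject one skip at each step number in turn; return the step numbers for
    which `check` unlocks with the given (wrong) PIN."""
    return [n for n in range(1, max_steps + 1)
            if check(Glitcher(n), entered, stored) is True]


if __name__ == "__main__":
    stored, wrong = "1234", "0000"
    print("no glitch, wrong PIN:", naive_check(Glitcher(), wrong, stored),
          hardened_check(Glitcher(), wrong, stored))
    print("naive check unlocked by skipping step(s):", find_bypasses(naive_check, wrong, stored))
    print("hardened check unlocked by skipping step(s):", find_bypasses(hardened_check, wrong, stored))
```

The naive check is bypassed by skipping either of its two steps; the hardened one is not bypassed by any single skip. Real firmware adds what this model leaves out: random delays to make the right instant hard to hit, glitch detectors in the silicon, and a retry counter that is decremented before the comparison rather than after it, so that a fault cannot buy unlimited attempts.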

Highly invasive attacks

This third category of attack is generally as complex as it is costly. The silicon die must be exposed so that the circuit’s internal signals can be probed directly with fine needles (microprobes).

The goal is to record the signals travelling along the electrical conductors that connect several components. The attacker can even modify the circuit itself, adding tracks or cutting connections.

This microsurgery is carried out with a FIB (Focused Ion Beam), which combines an ion beam with a gas to etch material away or deposit new connections.

The preparation and imaging work is extremely complex and tedious when the attackers do not have the chip’s design files. Several months are needed to understand in detail how the circuit works and to identify which transistors to target.

An attack of this magnitude really has to be worth the effort. Typically, a bitcoin wallet suspected of being full…

To conclude: many protections are needed to protect a chip effectively. Secure Elements carry a great many of them, which makes them far more resistant to physical attacks than general-purpose microcontrollers.
