Secure Element in Hardware Wallets - page 9.

bob123

legendary

Activity: 1624

Merit: 2481

Quote from: casperBGD on December 29, 2020, 08:08:12 AM

but what they are selling, just a piece of hardware with a software open-source light wallet installed on it?
what is the main difference between that solution, and same open-source software on some old laptop, that is not used for anything else, just to have access to your wallet?

why the Trezor is better (just asking, I do not think that it is not) from old laptop? and old laptop sitting somewhere is the basement could be not recognized as hardware wallet, or it would be harder than seeing Trezor as a wallet

what is a main Trezor advantage, in your opinion?

The difference is that your old laptop would be effectively an air-gapped wallet. This means it has to stay offline (not connected to any network) to be secure.
Together with encryption, that's a really solid setup. But the downside is that its not very convenient to use.

A Trezor (or other hardware wallets) have the advantage of them being used togeter with an online PC without the risk of losing coins.
Security-wise its not as good as an air-gapped wallet, but convenience-wise it is so much more pleasant to use.

You can connect your hardware wallet to an infected device without worrying to have your coins stolen since physical confirmation (in form of a button press) is needed to sign transactions.
That's what all good hardware wallets have in common. A downside of trezor is the physical security which can be avoided by using proper password encryption (which is also necessary with an air-gapped wallet btw).

dkbit98

legendary

Activity: 2212

Merit: 7064

Four more hardware wallets added to the list and they all have various 'secure elements' integrated but like I said before, having secure element does not always make you hardware wallet better or more secure, and I would not recommend buying them:

-Jubiterwallet: EAL6+ SE Infineon, closed source
-Kasse HK-1000: EAL5+ ST31H320 A03, closed source
-Keevo: EAL5+ Infineon Optiga Trust-P, closed source
-Secux: EAL5+ Infineon CC, closed source

dkbit98

legendary

Activity: 2212

Merit: 7064

List is updated with CoolWallet S using CC EAL 5+ SE microchip Secure Element ~~but I couldn't yet identify what exactly chip they are using.~~ NXP P5CD081.

You can read what Kraken team found about CoolwalletS HERE in their report.

Secure element can be hacked or exploited like in any other device, that is why Android for example is having bounty program for anyone who exploits secure element in their devices.

Quote from: ranochigo on December 29, 2020, 08:23:57 AM

...

Let's not forget that Trezor Satoshilabs developers are the first one who created and used BIP39, that is now industry standard and every other hardware wallet is using it.

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

Quote from: casperBGD on December 29, 2020, 08:08:12 AM

but what they are selling, just a piece of hardware with a software open-source light wallet installed on it?
what is the main difference between that solution, and same open-source software on some old laptop, that is not used for anything else, just to have access to your wallet?

why the Trezor is better (just asking, I do not think that it is not) from old laptop? and old laptop sitting somewhere is the basement could be not recognized as hardware wallet, or it would be harder than seeing Trezor as a wallet

what is a main Trezor advantage, in your opinion?

Trezor was one of the first HW wallet maker and it was their choice to not put a secure element within their devices. Their rationale being that the main attack vector is from the net, among various other stuff [1]. I saw this counterargument (by Ledger) years ago and thought that it made more sense[2].

Trezor is designed to not be vulnerable to typical malware and viruses as its primary purpose is to receive and sign transactions, so the attack vector is pretty small. I think their firmware is also signed so that isn't a threat.

I think your final question is about HW wallets in general. As said, the secure element will mitigate the attacks as mentioned. It really depends largely on your usage. Are you confident with handling air gapped storage? Do you want a bit more convenience while ensuring the same level of security (relative)? Do you want to save money on HW wallets?

Personally, I bought a HW wallet not because it's more secure (the threats are largely irrelevant to me) but that it provides much more convenience and portability than an airgapped wallet. Trust me, a hardware wallets makes everything smoother than starting your RPI up and realising your Electrum got corrupted again and having to find and type in the seeds again.

[1] https://blog.trezor.io/is-banking-grade-security-good-enough-for-your-bitcoins-284065561e9b
[2] https://www.reddit.com/r/Bitcoin/comments/52x08n/is_bankinggrade_security_good_enough_for_your/d7odee4/

casperBGD

legendary

Activity: 2156

Merit: 1151

Nil Satis Nisi Optimum

Quote from: bob123 on December 29, 2020, 05:54:10 AM

Quote from: casperBGD on December 28, 2020, 07:20:09 AM

interesting topic, must say that I was not aware that Trezor does not have any secure element inside

That's the reason the trezor is highly vulnerable to physical attacks.
The trezor needs further protection mechanisms (e.g. strong password) to be sure that an evil maid attack won't make you lose your coins.

but what they are selling, just a piece of hardware with a software open-source light wallet installed on it?
what is the main difference between that solution, and same open-source software on some old laptop, that is not used for anything else, just to have access to your wallet?

why the Trezor is better (just asking, I do not think that it is not) from old laptop? and old laptop sitting somewhere is the basement could be not recognized as hardware wallet, or it would be harder than seeing Trezor as a wallet

what is a main Trezor advantage, in your opinion?

bob123

legendary

Activity: 1624

Merit: 2481

Quote from: dkbit98 on December 28, 2020, 07:12:23 AM

What are the benefits of Secure Element in Hardware Wallets?

- Seed words never leave device but they stay in Secure Element
- Secure updates
- Generating 'random' numbers
- No tempering

The mnemonic code (which you are referring to as "seed words") are not stored on the secure element.
The actual seed is stored there. The mnemonic code is only used to generate the seed.

Secure updates and a RNG does not require a secure element. Any crypto co-processor is sufficient for this.

Yes, a secure element helps against tampering.

Quote from: casperBGD on December 28, 2020, 07:20:09 AM

interesting topic, must say that I was not aware that Trezor does not have any secure element inside

That's the reason the trezor is highly vulnerable to physical attacks.
The trezor needs further protection mechanisms (e.g. strong password) to be sure that an evil maid attack won't make you lose your coins.

dkbit98

legendary

Activity: 2212

Merit: 7064

Quote from: witcher_sense on December 28, 2020, 08:40:40 AM

What part of Microchip ATECC608A is open source?

Some Hardware Wallet manufacturers are using Microchip ATECC608A and they claim Firmware they use is open source. Passport wallet released everything on their github.
Same chip is used for other devices, not just hardware wallets, and most of it is released on github, but full datasheet is under NDA:
https://github.com/MicrochipTech/cryptoauthlib

No chip or secure element is perfect and there will always be some bugs, but I am not so sure about government backdoors.

witcher_sense

legendary

Activity: 2450

Merit: 4415

🔐BitcoinMessage.Tools🔑

Quote from: dkbit98 on December 28, 2020, 07:12:23 AM

ColdCard Mk3: Microchip ATECC608A covered by epoxy, open source

I have some questions, not a tech-savvy person, just curious.

What part of Microchip ATECC608A is open source? As far as I know, Microchip has stopped publishing datasheets for their microchips after ATECC508A version, further versions are all NDA. Can I trust these secure elements if data is no longer available for everyone to see and check? How can I be sure that governments haven't forced Microchip to implement some backdoors to steal my crypto?

Found an old topic from Trezor explaining the reasons why they don't use secure elements https://blog.trezor.io/is-banking-grade-security-good-enough-for-your-bitcoins-284065561e9b

dkbit98

legendary

Activity: 2212

Merit: 7064

Quote from: Pmalek on December 28, 2020, 07:56:11 AM

It seems that Ledger has no intention of making the secure element fully open-source.

NDA with chip manufacturer is very important, but who cares about 'stupid' customer data...it is open for everyone Roll Eyes

They don't want to ever change this, and that is why my open source wallets of choice would be ColdCard mk3, BitBox02 and CoboVault and not in that specific order.

Pmalek

legendary

Activity: 2730

Merit: 7065

The summary page states that the vulnerabilities discovered in the Ledger Nano S were all fixed. But since it's closed source, it can't be reviewed. Unless there is a newer research that confirms the vulnerabilities are still there, can we assume this is no longer a threat?
As an extra tip, waiting a few weeks before performing a firmware update wouldn't be bad if someone has reasons to believe the servers might be hacked and are storing a fake firmware.

It seems that Ledger has no intention of making the secure element fully open-source.

Quote

We're great supporters of open-source and strive to open-source as much of our software as possible. In that light, we will soon open-source the part of the firmware that is responsible of displaying the dashboard where you can see the apps. The parts of the firmware that interact with secure parts of the Secure Element will not be open-sourced, since they are based on proprietary technology, protected by patents and an NDA we signed with the chip manufacturer.

https://www.reddit.com/r/ledgerwallet/comments/e1wh5q/is_ledger_going_to_make_the_firmware_open_source/

dkbit98

legendary

Activity: 2212

Merit: 7064

Sure, Trezor only have one chip and everything is open sourced, but that does not mean that having dual chip and secure element is always better, especially if that chip is using closed source firmware (see posted example for exploits), and yes nothing will help you if you send scammers your seed words.

casperBGD

legendary

Activity: 2156

Merit: 1151

Nil Satis Nisi Optimum

interesting topic, must say that I was not aware that Trezor does not have any secure element inside

it is always good to divide complicated things into small parts, for better understanding by community, and educate community as much as possible, that is the only way to decrease number of scams that are inevitable part of every industry, especially growing one, like crypto industry

but, nothing will help you if you do not secure your own data properly, it can not be overstated the importance of securing your own private keys / mnemonic seeds, and not sharing those with anyone, and interacting with proven wallets/exchanges only

dkbit98

legendary

Activity: 2212

Merit: 7064

I see many people talking about Secure Element in hardware wallet like some mythical creature that will protect us from all evil, but in reality Secure Element is just a chip or microcontroller used in a similar way like in SIM cards, SDcards, IDs, Payment Cards or Phones, and they can potentially be exploited by malicious firmware updates.
In Hardware wallets they are used as second chip for storing private keys and seed words.

What are the benefits of Secure Element in Hardware Wallets?

- Seed words never leave device but they stay in Secure Element
- Secure updates
- Generating 'random' numbers
- No tempering

Secure Elements can be open source (can be verified and confirmed) or closed source (any firmware can be used including malicious), certified or not certified.

Current state of Secure Elements is Hardware wallets:

Trezor: NO Secure Element (they suggest using BIP39 and Passphrase encryption; secure element planned for 2022)**
Keepkey: NO Secure Element
Jade: NO Secure Element (it has secure boot and encrypted flash)
ColdCard Mk3: Microchip ATECC608A covered by epoxy, open source
Bitbox02: Microchip ATECC608A, open source
Passport: Microchip ATECC608A,open source
Ledger: EAL5+/EAL6+ ST31H320, ST33J2M0, closed source!
D'CENT: EAL5+ NXP P60
Safepal S1: EAL5+ ? unknown chip, closed source
CoolWallet S: EAL5+ SE microchip NXP P5CD081, closed source
CoolWallet Pro: EAL6+ SE microchip NXP J3R110, closed source
Jubiterwallet: EAL6+ SE Infineon, closed source
Kasse HK-1000: EAL5+ ST31H320 A03, closed source
Keevo: EAL5+ Infineon Optiga Trust-P, closed source
Secux: EAL5+ Infineon CC, closed source
Ngrave: EAL7+ STM32MP157C with unknown built-in secure element, ?
Tangem: EAL6+ Samsung SecureCore microchip, open source sdk
ImKey: EAL 6+ Military-grade CC security chip, closed source
Wookong: EAL 4+ ? unknown chip, closed source
Hashwallet: EAL 6+ Infineon SLE78 secure element
Opolo: EAL 6+ NXP secure element, closed source
OneKey: EAL 6+* HSC32I1 secure element; EAL 4+ according to hsec website
HyperMate: EAL 6+ Infineon secure element, open source
~~CoboVault~~: EAL5+ (FIPS 140-2) probably MAX36010-BSN-T secure element with open source firmware
KeyStone: EAL5+ ARM Cortex-M0

Let's see some examples how Hardware Wallets got exploited before in presentation Exploiting Hardware Wallet’s Secure Element by Riscure and Sergei Volokitin.

If you can choose, then always go for Open Source.

*EAL = Evaluation Assurance Level

Quote

EAL1 - functionally tested
EAL2 - structurally tested
EAL3 - methodically tested and checked
EAL4 - methodically designed, tested, and reviewed
EAL5 - semi-formally designed and tested
EAL6 - semi-formally verified design and tested
EAL7 - formally verified design and tested

**Trezor is working on their own fully open source Secure Element chip and they started separate project for this purpose called Tropic Square.

Topic: Secure Element in Hardware Wallets - page 9. (Read 3443 times)