Bitcoin Forum
September 21, 2018, 08:32:01 PM *
News: ♦♦ New info! Bitcoin Core users absolutely must upgrade to previously-announced 0.16.3 [Torrent]. All Bitcoin users should temporarily trust confirmations slightly less. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Breaking The Ledger Security Model  (Read 78 times)
Xynerise
Sr. Member
****
Offline Offline

Activity: 280
Merit: 280

39twH4PSYgDSzU7sLnRoDfthR6gWYrrPoD


View Profile
March 20, 2018, 02:12:05 PM
 #1

Saleem Rashid writes on the vulnerability he discovered in Ledger hardware wallets. The vulnerability arose due to Ledger’s use of a custom architecture to work around many of the limitations of their Secure Element.

The vulnerability could be used to mount a supply chain attack.

It is recommended you update your Ledger to the latest version.

https://saleemrashid.com/2018/03/20/breaking-ledger-security-model/

This is Ledger's official response:
https://www.ledger.fr/2018/03/20/firmware-1-4-deep-dive-security-fixes/
1537561921
Hero Member
*
Offline Offline

Posts: 1537561921

View Profile Personal Message (Offline)

Ignore
1537561921
Reply with quote  #2

1537561921
Report to moderator
1537561921
Hero Member
*
Offline Offline

Posts: 1537561921

View Profile Personal Message (Offline)

Ignore
1537561921
Reply with quote  #2

1537561921
Report to moderator
Make a difference with your Ether.
Donate Ether for the greater good.
SPRING.WETRUST.IO
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1537561921
Hero Member
*
Offline Offline

Posts: 1537561921

View Profile Personal Message (Offline)

Ignore
1537561921
Reply with quote  #2

1537561921
Report to moderator
1537561921
Hero Member
*
Offline Offline

Posts: 1537561921

View Profile Personal Message (Offline)

Ignore
1537561921
Reply with quote  #2

1537561921
Report to moderator
1537561921
Hero Member
*
Offline Offline

Posts: 1537561921

View Profile Personal Message (Offline)

Ignore
1537561921
Reply with quote  #2

1537561921
Report to moderator
vit05
Sr. Member
****
Offline Offline

Activity: 406
Merit: 289



View Profile WWW
March 20, 2018, 05:44:28 PM
 #2

TL;DR

So, he shows how it is possible that a reseller hack a Ledger before sell to the client. Upload compromised firmware that avoids detection from secure element and shows you on display predetermined seed instead of generating random seed.

Quote
As you may want to understand more precisely the impact of the mitigated security issues, you will find below an overview of each attack’s impact.

Oracle Padding on SCP

No impact regarding the security of your device.

MCU fooling

By having physical access to the device before generation of the seed, an attacker could fool the device by injecting his seed instead of generating a new one. The most likely scenario would be a scam operation from a shady reseller.

If you bought your device from Ledger or an authorized reseller, it is extremely unlikely that your device could have been compromised using the above scenario;

If you bought your device from a different channel, if this is a second hand device , or if you are unsure, then you could be victim of an elaborate scam. However, as no demonstration of the attack in the real has been shown, it is very unlikely;

In both cases, a successful firmware update is the proof that your device has never been compromised.

Isolation exploit

This attack can be achieved only by having physical access to the device, knowing your PIN code and installing a rogue unsigned application. This rogue app could break isolation between apps and access sensitive data managed by specific apps such as GPG, U2F or Neo.

If you have never installed an unsigned application yourself (requiring the use of command line tools and ignoring a security warning on the device), then you are perfectly safe.


       █
      ██
     ██
   ██ ██
 █ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
   
       █
      ██
     ██
   ██ ██
 █ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
  B

          ▄▄▄▄▄▄
     ▄▄████████████▄▄
   ▄█████▀▀    ▀▀█████▄
  ████▀            ▀████
 ████                ████
▐███                  ███▌
███▌                  ▐███
▐███           ▄▄     ███▌
 ████         ▀███▄  ▐███
  ████▄         ▀███▄███
   ▀█████▄▄     ▄█████▀
     ▀▀████████████▀▀
          ▀▀▀▀▀▀
T 
Better. Quick.

Transparent.






             ▄████▄▄   ▄
█▄          ██████████▀▄
███        ███████████▀
▐████▄     ██████████▌
▄▄██████▄▄▄▄█████████▌
▀████████████████████
  ▀█████████████████
  ▄▄███████████████
   ▀█████████████▀
    ▄▄█████████▀
▀▀██████████▀
    ▀▀▀▀▀






▄█████████████████████████▄
███████████████████████████
███████████████▀       ████
██████████████      ▄▄▄████
██████████████    ▐████████
██████████████    ▐████████
██████████            ▐████
██████████            █████
██████████████    ▐████████
██████████████    ▐████████
██████████████    ▐████████
▀█████████████    ▐███████▀






                   ▄▄████
              ▄▄████████▌
         ▄▄█████████▀███
    ▄▄██████████▀▀ ▄███▌
▄████████████▀▀  ▄█████
▀▀▀███████▀   ▄███████▌
      ██    ▄█████████
       █  ▄██████████▌
       █  ███████████
       █ ██▀ ▀██████▌
       ██▀     ▀████
                 ▀█▌
Kate Beckett
Member
**
Offline Offline

Activity: 252
Merit: 27


View Profile
March 30, 2018, 07:58:46 AM
 #3

This is the second news over the past two months about the vulnerability of this wallet. Despite the company's statements about the reliability and security of the wallet, Saleem Rashid demonstrates the opposite. On the way from the conveyor to the buyer, the firmware of the wallet can be updated, which will allow the hacker to steal funds that appear on the device. Detection of this problem will strike a blow to the Ledger reputation. After such news, I would not recommend using this wallet, in spite of some of its advantages.
bob123
Hero Member
*****
Offline Offline

Activity: 686
Merit: 568



View Profile WWW
March 30, 2018, 02:03:14 PM
 #4

This is the second news over the past two months about the vulnerability of this wallet.

Well, this still is the same vulnerability (which already has been fixed).
Its just a repost.



Despite the company's statements about the reliability and security of the wallet, Saleem Rashid demonstrates the opposite.
After such news, I would not recommend using this wallet, in spite of some of its advantages.

While this vulnerability indeed could have lead to a theft, the attacker still would have needed physical access.
Just because a vulnerability has been found, this doesn't mean ledger is no longer recommended.

Nothing is 100% secured. Its not about IF a vulnerability will be found, its about WHEN it will be found.
Every wallet had/has/will have a vulnerability. The question is who finds it first. White- or black hat.


CryptoRobert
Sr. Member
****
Offline Offline

Activity: 504
Merit: 253



View Profile
April 13, 2018, 12:09:03 PM
 #5

Saleem Rashid writes on the vulnerability he discovered in Ledger hardware wallets. The vulnerability arose due to Ledger’s use of a custom architecture to work around many of the limitations of their Secure Element.

The vulnerability could be used to mount a supply chain attack.

It is recommended you update your Ledger to the latest version.

https://saleemrashid.com/2018/03/20/breaking-ledger-security-model/

This is Ledger's official response:
https://www.ledger.fr/2018/03/20/firmware-1-4-deep-dive-security-fixes/

Thanks to the link to Ledger's official response, it gives a lot of useful information. I have now updated the Ledger to the laters version, even though the update itself didn't run smoothly, a problem of drivers on window had stalled eveything for hours.

            ▄▄████▄▄
        ▄▄██████████████▄▄
      ███████████████████████▄▄
      ▀▀█████████████████████████
██▄▄       ▀▀█████████████████████
██████▄▄        ▀█████████████████
███████████▄▄       ▀▀████████████
███████████████▄▄        ▀████████
████████████████████▄▄       ▀▀███
 ▀▀██████████████████████▄▄
     ▀▀██████████████████████▄▄
▄▄        ▀██████████████████████▄
████▄▄        ▀▀██████████████████
█████████▄▄        ▀▀█████████████
█████████████▄▄        ▀▀█████████
██████████████████▄▄        ▀▀████
▀██████████████████████▄▄
  ▀▀████████████████████████
      ▀▀█████████████████▀▀
           ▀▀███████▀▀



.SEMUX
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
  Semux uses 100% original codebase
  Superfast with 30 seconds instant finality
  Tested 5000 tx per block on open network
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
█ █
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!