|
dkbit98 (OP)
Legendary
Offline
Activity: 2282
Merit: 7309
|
Update and more information about Trezor SatoshiLabs new TROPIC01 secure element. According to post from Tropic Square CEO Evzen Englberth, design of chips is functional and I they can move to next phase of development. TROPIC01 is manufactured by UMC in Taiwan, it will be 55nm chip packaged in Malaysia, and final chip will be 4x4mm with Ibex RISCV core. RISCV means that the chip will be open source and auditable. It's interesting that Trezor already started working on TROPIC02, complete SoC (System-on-Chip) that will have integrated TROPIC01 and the application processor cores. https://www.linkedin.com/posts/evzen-englberth_riscv-riscv-riscv-activity-7027210506398507008-V0-j
|
|
|
|
|
dkbit98 (OP)
Legendary
Offline
Activity: 2282
Merit: 7309
|
|
February 10, 2023, 11:27:52 AM Merited by JayJuanGee (1) |
|
I will probably listen this talk but since it's one hour long it would be a good idea to have this released as written article somewhere, maybe on your blog page. Problem I have with Passport hardware wallet is that it is still using outdated secure element ATECC608A, same one that is used in OneKey hardware wallet that was recently hacked by Unciphered. I don't think chip shortage is such a big issue anymore, so it's probably time to replace it with something better.
|
|
|
|
zherbert
Member
Offline
Activity: 62
Merit: 115
|
|
February 10, 2023, 03:15:36 PM Merited by JayJuanGee (1) |
|
I will probably listen this talk but since it's one hour long it would be a good idea to have this released as written article somewhere, maybe on your blog page. Problem I have with Passport hardware wallet is that it is still using outdated secure element ATECC608A, same one that is used in OneKey hardware wallet that was recently hacked by Unciphered. I don't think chip shortage is such a big issue anymore, so it's probably time to replace it with something better. That's a good idea, I'll see if we can post a blog post summary of the Twitter Space. Regarding OneKey, my understanding is this has nothing to do with the secure element, but instead an issue with their firmware – it seems that they didn't encrypt the traffic between the secure element and processor (lol). The 608a secure element by Microchip is not recommended for new designs, but I am unaware of any attack that doesn't involve a lab + lasers that could pull data out of it. We are of course switching to the 608b for next batch of Passports, but not due to any glaring vulnerability.
|
|
|
|
dkbit98 (OP)
Legendary
Offline
Activity: 2282
Merit: 7309
|
|
February 10, 2023, 07:24:07 PM Merited by JayJuanGee (1) |
|
That's a good idea, I'll see if we can post a blog post summary of the Twitter Space. Taking transcripts from that audio would be nice. I listened your conversation today, and I didn't know stuff you guys said about Risc-V chips not being really open source. I was really surprised that you didn't speak more about upcoming Trezor secure element TROPIC01. Regarding OneKey, my understanding is this has nothing to do with the secure element, but instead an issue with their firmware – it seems that they didn't encrypt the traffic between the secure element and processor (lol). The 608a secure element by Microchip is not recommended for new designs, but I am unaware of any attack that doesn't involve a lab + lasers that could pull data out of it. We are of course switching to the 608b for next batch of Passports, but not due to any glaring vulnerability.
Yeah I know the problem was not directly related with secure element in OneKey but it's connection with microprocessor, but there was clear indications that other hardware wallets have similar issues. As for ATECC608A secure element, it's clear that this is not secure enough chip anymore, their documentation proves that, and it was exploited before.
|
|
|
|
n0nce
|
I am unaware of any attack that doesn't involve a lab + lasers that could pull data out of it. We are of course switching to the 608b for next batch of Passports, but not due to any glaring vulnerability.
You may want to look into using multiple randomized timings to drastically reduce the success rate of laser fault injections. I read a bit more about this topic after dkbit's reminder about the attack on the 608A and it seems like delays can be a pretty cheap, yet effective software countermeasure. The idea is that you make it much more difficult for an attacker to hit the exact right timing every time; if they shoot their lasers before or after the desired instruction, it won't have the desired effect. By computing or checking stuff (e.g. hardware flags or PIN code) multiple times instead of once, with random delays in between, an attacker will need to inject multiple faults and hit the timing perfectly on each of them. If the chance of hitting an instruction once is 0.1%, the probability of doing it twice in a row already falls to 0.01% and so on. Just an example paper on the topic: Combining High-Level and Low-Level Approaches to Evaluate Software Implementations Robustness Against Multiple Fault Injection Attacks
|
|
|
|
zherbert
Member
Offline
Activity: 62
Merit: 115
|
|
February 13, 2023, 02:54:40 PM |
|
Thanks, I've shared the paper with my team!
|
|
|
|
n0nce
|
|
February 13, 2023, 10:10:17 PM Merited by JayJuanGee (1) |
|
Thanks, I've shared the paper with my team! You're welcome! You may actually want to get your hardware tested (since this is a hardware security product) by professionals like riscure (although I'm not sure if they do hardware pentesting as a service). They will assess the security and tell you how to improve it & show you where your vulnerabilities are, before an attacker does it and sells that information to threat actors. You can even use a positive test result as a big extra selling point for the Passport. Although I don't know whether you did that already (and you're obviously not required to disclose that ). In any case, this talk may also be of interest to your team, while they're at it, because these are ways to improve the security of a potentially glitchable secure element, simply through a software update. Proving the efficacy of software countermeasures for fault injection
|
|
|
|
zherbert
Member
Offline
Activity: 62
Merit: 115
|
We had the wallet.fail guys do an audit back in 2021. They told us we were the only HWW company they worked with that actually published the audit. https://foundationdevices.com/security/
|
|
|
|
n0nce
|
|
February 15, 2023, 02:06:15 AM |
|
I remember; I had read that report actually! Maybe worth getting another one now with all the improvements and fixes in place, on the Batch 2 hardware.
These should definitely comfort @dkbit98 a bit, who is super-paranoid about the 608A.. 1.9. Attacks on ATECC608A After the review, new attacks on the ATECC608A and its usage in the COLDCARD firmware were published. Foundation Devices confirmed that these issues were fixed in the latest Passport firmware.
1.9. Attacks on ATECC608A This defect was never in the Passport source code.
|
|
|
|
Pmalek
Legendary
Offline
Activity: 2814
Merit: 7227
|
|
February 18, 2023, 04:40:58 PM |
|
Yeah I know the problem was not directly related with secure element in OneKey but it's connection with microprocessor, but there was clear indications that other hardware wallets have similar issues. That's because so many of them use the same or similar codebase in their open-source projects. If a vulnerability is found in one brand, all the others that used that code (unless already patched) are vulnerable in the same way. That's the beauty and danger of open-source. This time, the problem was discovered by a party with good intentions. Next time it can be by someone with other motives. The applied fix, though, is software-based. The chip is vulnerable to other attack vectors, but badly written and implemented code was the issue with Onekey.
|
. .BLACKJACK ♠ FUN. | | | ███▄██████ ██████████████▀ ████████████ █████████████████ ████████████████▄▄ ░█████████████▀░▀▀ ██████████████████ ░██████████████ █████████████████▄ ░██████████████▀ ████████████ ███████████████░██ ██████████ | | CRYPTO CASINO & SPORTS BETTING | | │ | | │ | ▄▄███████▄▄ ▄███████████████▄ ███████████████████ █████████████████████ ███████████████████████ █████████████████████████ █████████████████████████ █████████████████████████ ███████████████████████ █████████████████████ ███████████████████ ▀███████████████▀ ███████████████████ | | .
|
|
|
|
dkbit98 (OP)
Legendary
Offline
Activity: 2282
Merit: 7309
|
More good news coming from Trezor related with microchips they are using. They started manufacturing their own key component chip wrapper for Trezor model T, that improves security and shortens times for mass production. I think this is all very important for their new hardware wallet model, that is going to be something special with Tropic01 secure element, and it could reduce price for their devices. https://bitcoinmagazine.com/business/trezor-controls-its-silicon-chip-supply-chain
|
|
|
|
SFR10
Legendary
Offline
Activity: 3052
Merit: 3474
Crypto Swap Exchange
|
|
March 03, 2023, 06:53:00 AM Merited by JayJuanGee (1) |
|
and it could reduce price for their devices.
Unfortunately, one of their spokespersons stated " considering that it costs almost the same as the previous one", Trezor doesn't expect it to have an impact on prices. - It seems that at best, they could maintain the current prices.
|
|
|
|
m2017
Legendary
Offline
Activity: 1862
Merit: 1371
keep walking, Johnnie
|
|
March 03, 2023, 04:13:58 PM |
|
Well, at least it will improve security, which is never superfluous and expands trezor's ability to create new devices. If you want better prices, then need to wait for discount promotions. It is unlikely that they will underestimate the prices of hardware wallets. Perhaps for old devices that will be discontinued and stocks need to be sold from warehouses. Since testing of the chip will last throughout 2023 (which will most likely be used in a new device), there will be no new announcements for the next couple of years.
|
| | . .Duelbits. | │ | ..........UNLEASH.......... THE ULTIMATE GAMING EXPERIENCE | │ | DUELBITS FANTASY SPORTS | ████▄▄▄█████▄▄▄ ░▄████████████████▄ ▐██████████████████▄ ████████████████████ ████████████████████▌ █████████████████████ ████████████████▀▀▀ ███████████████▌ ███████████████▌ ████████████████ ████████████████ ████████████████ ████▀▀███████▀▀ | . ▬▬ VS ▬▬ | ████▄▄▄█████▄▄▄ ░▄████████████████▄ ▐██████████████████▄ ████████████████████ ████████████████████▌ █████████████████████ ███████████████████ ███████████████▌ ███████████████▌ ████████████████ ████████████████ ████████████████ ████▀▀███████▀▀ | /// PLAY FOR FREE /// WIN FOR REAL | │ | ..PLAY NOW.. | |
|
|
|
Welsh
Staff
Legendary
Offline
Activity: 3276
Merit: 4111
|
|
March 03, 2023, 04:58:58 PM Merited by JayJuanGee (1) |
|
If you want better prices, then need to wait for discount promotions. It is unlikely that they will underestimate the prices of hardware wallets. Perhaps for old devices that will be discontinued and stocks need to be sold from warehouses.
As long as they're still offering support through patches/updates of their older devices, I can see quite a high demand for devices which aren't too complicated, and don't come at a high price point. Although, if they were to reach end of life, and therefore no longer be supported, I can't see them being used as much. Hopefully, they just go the route of patching/updating all devices when severe issues need to be patched. They don't need to enhance the UI/UX or add functionality of it, they can do that with the newer devices. Since testing of the chip will last throughout 2023 (which will most likely be used in a new device), there will be no new announcements for the next couple of years.
2024 announced potentially, and then whenever they're ready to actually sell it.
|
|
|
|
dkbit98 (OP)
Legendary
Offline
Activity: 2282
Merit: 7309
|
|
May 31, 2023, 10:52:38 AM Last edit: May 31, 2023, 11:03:58 AM by dkbit98 Merited by JayJuanGee (1), Cricktor (1) |
|
We have very important announcement coming from Coolwallet hardware wallet, they decided to release their firmware and secure element chip as open source! This was decide after recent ledger wallet debacle incident, and Coolwallet wants to have more transparency with their devices. Secure element Coolwallet use has EAL6+ security and from my research they are using NXP chips in their devices, but we are waiting for official confirmation. With slick card format, current prices of $99/$149, and being opensource I think Coolwallet will have lot of new customers soon: Source blog post: https://www.coolwallet.io/coolwallet-will-open-source-its-hardware-wallets-secure-element-chip-code/Thank you ledger
|
|
|
|
dkbit98 (OP)
Legendary
Offline
Activity: 2282
Merit: 7309
|
New wallet Keystone3 is ready to be released and they have interesting news and changes regarding secure elements. Unlike in previous version where they didn't want to disclose everything, now they introduced upgraded secure element Microchip ATECC608B. Same microchip is used in ColdCard Mk4, BitBox and Passport, OneKey, Cypherock X1, Husky are all using older version of this chip ATECC608A that had some security issues. But this is just first part of the story, as Keystone3 uses additional secure element Maxim DS28S60 that works together with ATECC608B in safeguarding seed phrases. ATECC608B provides hardware-level security and authorization, and Maxim DS28S60 ensures that trusted platform module is always in place. Third secure element Maxim MAX32520 is used for securing fingerprint data, so I think this will be used only in Keystone3 Pro version. Regular Keystone3 wallet will have only two secure elements, and that is perfectly fine if you don't like to use biometrics. Thanks to this changes Keystone will now be able to store up to three seed phrases with different passwords, so there is no need to reset or have multiple devices anymore. I think this will push other hardware wallet manufacturers to improve, and they will have hard time competing with Keystone prices.
|
|
|
|
zherbert
Member
Offline
Activity: 62
Merit: 115
|
Quick update, all Passport units shipping from two weeks ago (and ongoing) now use the Microchip 608b secure element.
|
|
|
|
satscraper
|
|
August 09, 2023, 06:24:14 AM |
|
Quick update, all Passport units shipping from two weeks ago (and ongoing) now use the Microchip 608b secure element.
Research published in that paper claims that ATECC608B can still be defeated with the laser beam. What would you say about this?
|
| | . .Duelbits. | │ | ..........UNLEASH.......... THE ULTIMATE GAMING EXPERIENCE | │ | DUELBITS FANTASY SPORTS | ████▄▄▄█████▄▄▄ ░▄████████████████▄ ▐██████████████████▄ ████████████████████ ████████████████████▌ █████████████████████ ████████████████▀▀▀ ███████████████▌ ███████████████▌ ████████████████ ████████████████ ████████████████ ████▀▀███████▀▀ | . ▬▬ VS ▬▬ | ████▄▄▄█████▄▄▄ ░▄████████████████▄ ▐██████████████████▄ ████████████████████ ████████████████████▌ █████████████████████ ███████████████████ ███████████████▌ ███████████████▌ ████████████████ ████████████████ ████████████████ ████▀▀███████▀▀ | /// PLAY FOR FREE /// WIN FOR REAL | │ | ..PLAY NOW.. | |
|
|
|
|