Chainnews has released an article titled "Kraken Claims Trezor Hardware Wallet Vulnerable to Physical Attack Exploiting Voltage Glitch, Trezor Responds Acknowledging the Vulnerability". This has caught the attention of many people who are concerned about the security of hardware wallets.
Kraken's security lab published an article stating that the Trezor One and Trezor Model T hardware wallet products have significant flaws that can be exploited by attackers to steal wallet data. According to Kraken, hackers can extract keys from Trezor One and Trezor Model T hardware wallets using voltage glitches if they have physical access to the device for 15 minutes. Kraken's Chief Security Officer, Nick Percoco, stated that "this vulnerability is inherent in the microcontroller used in Trezor hardware wallets" and cannot be fixed by a patch.
As a result, some people have raised concerns about the security of hardware wallets and asked us if there is a similar vulnerability that can be exploited using voltage glitches in imKey. Therefore, we have decided to provide a deep explanation of imKey's security mechanism to help people better understand it and protect their digital assets.
Q: Does imKey have a vulnerability that can be exploited using voltage glitches to crack the key?
A: imKey does not have similar security vulnerabilities.
So why doesn't imKey have similar security vulnerabilities?
1.The root cause of the Trezor security vulnerability: STM32F205 microcontroller
The STM32 series implements a security mechanism called Read Protection (RDP). As the only non-volatile storage on ARM Cortex-M devices is the flash memory, the RDP value is stored in a special page of flash memory and cannot be written by application code if not. The RDP value is defined by a configuration bit called the option byte of the microcontroller. The three RDP levels on the STM32 device correspond to three option byte values.
Table 1: RDP level on the STM32 device and corresponding option byte value
Since the only non-volatile storage on the STM32 microcontroller is the flash memory, which is also the only non-volatile storage for the seed and private key encryption, the flash memory must be protected from being read out.
Trezor One and all its derivative tools correctly use the RDP function and provide and/or set the RDP to RDP level 2 with the RDP at the first boot (see Table 1). If the non-development firmware on the user's device is always in RDP2 (RDP level 2), this can prevent attackers from accessing the SRAM or flash memory. However, relevant experimental research has shown that RDP2 can be downgraded to RDP1 through voltage glitches at startup, and once the device is in RDP1, the user's private key can be stolen by accessing its SRAM through the ARM SWD debugging protocol. See Kraken Security Lab's report "Inside Kraken Security Labs: Flaw Found in Keepkey Crypto Hardware Wallet (Part 2)" for details.
Kraken's security lab research shows that the security of MCU-based hardware wallets such as Trezor should not rely solely on the security of the STM32F205.
So what is a better security solution? Looking at the mature development path of security products such as bank system U-shields, security chips are undoubtedly a better choice.
2.Solution for preventing electronic attacks: secure chips
What is a secure chip?
A secure chip, also known as a trusted platform module, is a device that can independently generate, encrypt, and decrypt keys. It contains a separate processor and storage unit and can store keys and feature data to provide encryption and secure authentication services for computers. Using secure chips for encryption means that the keys are stored in hardware and cannot be decrypted if the data is stolen, protecting business privacy and data security.
Due to the characteristics of secure chips, they can be used for identity recognition, payment tools, encryption and decryption, information storage, and other purposes.
Common examples of secure chips in the market include bank and finance IC cards, SIM cards, IoT chips, ETC cards, medical cards, social security cards, and other similar solutions. Therefore, we recommend using a hardware wallet with a secure chip.
3.imKey's security mechanism for preventing electronic attacks
The core of imKey's hardware wallet security design is based on the world-renowned chip company Infineon's CC EAL 6+ secure microcontroller chip. It is important to note that the current level of security certification used in national defense and military applications is usually CC EAL 6+ or CC EAL 7+, which can be said to be the highest level of security certification for civilian use in the market.
Compared with a general microcontroller unit (MCU), this CC EAL 6+ secure chip has the following significant security features:
- Dual-core CPU, one for execution and one for security detection.
- All CPU registers have masking protection functions.
- All NVM and RAM are encrypted and have dedicated integrity verification protection.
- It has temperature, voltage, frequency, light sensors, and dedicated protection nets.
- It has DES, AES, and co-processors for PKI operations.
- True random number generator.
Based on the above features, the chip can resist attacks such as:
- Injection attacks on program execution flow and various types of memory.
- Physical attacks such as heating, freezing, and slicing the chip.
- Injection errors in DES, AES, RSA, and ECC, as well as DFA, SPA, and SCA (side-channel attacks).
Most importantly, only a small amount of work is required at the software layer to make the entire product resistant to the above attacks, including preventing electronic attacks.
imKey provides world-leading digital asset security protection. The hardware security has undergone rigorous use case testing and third-party security design to fully protect your private keys. CC EAL 6+ not only represents the security level used in military applications but also means that the imKey secure chip has passed the necessary tests and evaluations for CC security certification.
Of course, secure chips and their related ratings and evaluations are only one security feature of a secure wallet.
- Kraken Claims Trezor Hardware Wallet Can Be Physically Cracked Using Voltage Glitch, Trezor Responds by Acknowledging the Vulnerability
- Inside Kraken Security Labs: Flaw Found in Keepkey Crypto Hardware Wallet (Part 2)
- Understanding the CC EAL security standard for hardware wallets