The "Three Ones and None" Elements That Define Crypto Wallet Security
1. The necessity of crypto wallets
With the rapid development of blockchain technology in recent years, crypto assets have gradually come into public view. The total market value of crypto assets now exceeds 200 billion US dollars, and there are more than 2,000 crypto assets, which reflects the rapid growth of crypto assets worldwide.
An early miner in the UK "lost" 7,500 bitcoins, now worth more than 300 million yuan.
In 2009, James Howells, a 32-year-old IT worker from Wales in the UK, mined Bitcoin on his computer. In 2013 he accidentally threw away the hard drive; he claims it held the private keys to 7,500 bitcoins, now worth more than 300 million yuan, and it has never been recovered. Because early crypto assets lacked suitable storage methods, a private key kept on a hard disk was also at risk of being lost.
Storing crypto assets safely has become a need that crypto asset investors cannot ignore.
In September 2018, People's Daily Online reprinted an article titled "The Crypto Asset Trading Platform Is Stolen Again, and Security Issues Become Hidden Dangers". Numerous coin-theft incidents have occurred in recent years, mainly attacks on crypto asset management platforms, smart contract vulnerabilities, and the loss or theft of personal keys. How to keep personal keys safe has become a problem that crypto asset investors cannot ignore. Investors who plan to hold crypto assets for the long term are advised to store their holdings in a software wallet; if the amount is large, they should prepare a hardware wallet, that is, a cold wallet, to avoid losses caused by the theft of a trading platform.
Cold wallets are also called hardware wallets. Because the private key never touches the network, they are relatively safe. However, because business scenarios and promotional needs iterate rapidly, both hot wallets and cold wallets carry some security risks that tend to be overlooked.
2. The main risks of software wallets
A software wallet can be understood as a downloadable wallet app that can be used directly to transfer crypto assets. Using crypto wallet software involves the following three security elements.
1. Network security
The whole flow from software start-up to transaction requires a network connection, so the business process and the security data it exchanges carry certain risks.
2. Core data security of software functions
Traditional software has weaknesses such as an unencrypted core code, no integrity verification of the software itself, and data hijacking by a man in the middle.
3. Business scenario security
Wallet software has its own unique business scenarios; insecure storage of the mnemonic words, weak transaction passwords, tampering with the displayed currency price trend data, and so on, can also do great harm to the security of users' wallets.
Because the security of software wallets is itself imperfect and hacker attacks are frequent, hardware wallets have gradually become the asset-preservation product favored by many crypto asset investors.
3. Security elements of hardware wallets
A hardware wallet is a physical device whose private keys are stored in a protected area inside the device. So far there have been no major wallet vulnerabilities or large-scale asset-loss incidents involving hardware wallets; relatively speaking, hardware wallets have a higher security factor than software wallets. In this regard, Guo Weiji, chief scientist of Mishen Technology, holds that a truly secure wallet has three main security elements: network isolation, system integrity protection, and wallet seed confidentiality.
1. Network isolation
That is, an isolated environment is created for the private key. Today's mobile phones and computers are connected to the outside world through the network, so a private key kept on them is easily attacked remotely by hackers. A hardware wallet is therefore needed to hold the private key or wallet seed.
2. System integrity protection
This means the hardware wallet system can protect its key components from illegal tampering. Any system can be attacked; when an attack occurs, a hardware wallet with system integrity protection can discover the attack and make a corresponding security response.
At present, attacks that exploit the lack of system integrity protection are mainly supply chain attacks and evil maid attacks. A supply chain attack means the hardware wallet is modified by a third party during production or transportation, implanting malware or tampering with the system logic. For example, if an Android-based wallet uses the random number generator provided by Android, and that generator is replaced with a pseudo-random number generator whose output the attacker can predict, then every seed and every private key it produces is predictable by the attacker, who does not even need the victim's wallet to be connected to the Internet to harvest the funds. Without system integrity protection, such an attack cannot be discovered, and users' funds are at risk of being harvested in full.
An evil maid attack (the English term for it) mainly refers to the wallet device being temporarily under someone else's control. If the device lacks system integrity protection, that window can be used to implant malware: for instance, replacing the underlying logic, changing the actual transfer address to one specified by the hacker, or making the wallet display the seed mnemonic after it receives a certain instruction.
3. Wallet seed confidentiality
These three security elements are fairly universal: whatever kind of wallet system it is, these three standards can be used to measure its security. Software wallets find it difficult to meet them because of their inherent limitations; hardware wallets, by contrast, have a better security foundation.
4. Classification and security analysis of hardware wallets
There are also various types of hardware wallets, and not all of them meet all three criteria well. We can classify hardware wallets and analyze their security according to the characteristics of the hardware devices themselves.
First, hardware wallets can be divided into Android hardware wallets and chip hardware wallets. As the name suggests, an Android hardware wallet can be understood as an Android mobile phone with unnecessary components removed and its software modified to serve as a wallet. Chip hardware wallets are the mainstream products in foreign markets: the wallet's core logic is programmed directly into the chip system, and the wallet seed is kept inside the chip as its security feature.
1. Android hardware wallet security analysis
Android hardware wallets can generally achieve network isolation, but Android lacks system integrity protection, which leaves them vulnerable to supply chain attacks and evil maid attacks. In addition, if the Android system itself is not hardened, problems will also occur.
For example, at the Kanxue Security Summit in July this year, a certain Android hardware wallet was cracked. The wallet hardware is based on the MTK solution and runs Android 6.0; the MTK system has a known USB vulnerability that had not been fixed in the wallet. Security researchers entered the system through the USB interface, escalated privileges, and modified system components. This is effectively equivalent to cracking the wallet, because much can be done afterwards: modifying the random number generator, extracting the wallet seed file and running a rainbow-table or dictionary attack on it, modifying the underlying transfer address, and so on. Because there is no system integrity protection, these modifications are hard to detect, and unsuspecting victims who keep using the device will suffer losses.
The confidentiality of this Android hardware wallet's seed is also problematic. Android's file system is effectively open: a technician can disassemble the device, take out the built-in storage, mount the file system, and extract the file that stores the wallet seed. Although this file is usually encrypted, many users do not choose a complex password; a 4- or 6-digit PIN can easily be exhausted on an ordinary computer. This weakness leaves the wallet unable to resist an evil maid attack.
Therefore, measured only by the three security standards above, this Android hardware wallet achieves only network isolation. Some modifications can, however, be made to an Android hardware wallet to improve its security.
This is the so-called chip Android hardware wallet: a dedicated chip is placed in the Android wallet device to keep the wallet seed, which improves seed confidentiality, so that even someone who obtains the device cannot directly read the seed. In this way the wallet seed confidentiality standard can be met, but the system integrity protection standard is still not met. This is mainly due to inherent deficiencies of the Android system, which are difficult to correct in the short term.
In this case the security of the chip Android hardware wallet rests on what Guo Weiji calls the "system attack and defense assumption": the assumption that the wallet system is so resistant to attack that it cannot be attacked or cracked. For the Android hardware wallet, this means that although it lacks system integrity protection, if the security hardening is assumed to be good enough, attackers will be unable to tamper with the system.
So how reliable is this assumption? One case is enough to understand.
Cybersecurity guru John McAfee released the Bitfi hardware wallet, which is also based on Android. McAfee was full of confidence that his own offensive and defensive security capabilities could keep Bitfi "impregnable", and on July 25, 2018 he offered a bounty of 100,000 US dollars inviting hackers to attack it.
In less than a week, a Dutch security researcher named OverSoft gained root access to the Bitfi wallet, and a 15-year-old boy named Saleem Rashid ran the game DOOM on it. Later, another security expert successfully sent a signed transaction, which amounted to a complete crack.
Given McAfee's standing in the security field, this essentially exposes the security flaw of every wallet system that substitutes a system attack and defense assumption for system integrity protection.
2. Security analysis of chip hardware wallet
A chip hardware wallet has an independent SoC chip, and the entire hardware system runs on that chip. Externally it generally has only a screen and simple buttons: the screen is there to show that the data is genuine, and the simple buttons confirm the transaction operation.
Internally the system loads boot firmware and business firmware. The boot firmware is the base design, fixed at the factory and tamper-proof; it is responsible for integrity checking and upgrading of the business firmware. The business firmware handles the specific business logic and can be upgraded to support more currencies or fix potential security hazards; any modification requires signature confirmation.
Its security analysis shows:
First, network isolation. This is generally satisfied and not a big problem.
Second, system integrity protection. This is done by verifying the digital signature of the business firmware: the boot firmware checks the signature to decide whether to load and run the business firmware, so any tampering will be found.
Third, wallet seed confidentiality. Chip hardware wallets generally store the seed in the flash area inside the chip, which cannot be read by conventional means. In use, the private key may appear briefly in memory, but it is generally erased and overwritten with random data as soon as it has been used, which gives better confidentiality. Judged by these three criteria, chip hardware wallets are more secure than both software wallets and Android hardware wallets.
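To make the second and third criteria concrete, here is an added example in Go modelling the boot firmware / business firmware split just described; it is not code from the article and not any vendor's firmware. It assumes Ed25519 signatures, a SHA-256 digest over the image, and the type and function names used here (FirmwareImage, SignFirmware, BootVerify, SignTransactionAndScrub). BootVerify plays the boot firmware: it only accepts a business firmware image whose signature verifies under the vendor public key fixed at the factory, so a changed transfer address in the code or a swapped version number is detected. SignTransactionAndScrub plays the business firmware: it derives the signing key from the seed, signs, and overwrites the key with random bytes before returning, as the article says a chip wallet does.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// FirmwareImage is a constructed model of a business firmware image as the
// boot firmware sees it: a version, the code bytes, and the vendor signature
// over both.
type FirmwareImage struct {
	Version uint32
	Code    []byte
	Sig     []byte
}

// imageDigest hashes version and code together so that neither can be
// replaced independently of the other.
func imageDigest(version uint32, code []byte) []byte {
	h := sha256.New()
	var v [4]byte
	binary.BigEndian.PutUint32(v[:], version)
	h.Write(v[:])
	h.Write(code)
	return h.Sum(nil)
}

// SignFirmware models the vendor's offline release step: only the vendor
// holds the private key, so only the vendor can produce an acceptable image.
func SignFirmware(vendorPriv ed25519.PrivateKey, version uint32, code []byte) FirmwareImage {
	return FirmwareImage{
		Version: version,
		Code:    code,
		Sig:     ed25519.Sign(vendorPriv, imageDigest(version, code)),
	}
}

// BootVerify is the boot firmware's check before loading the business
// firmware. The vendor public key is assumed to be burned in at the factory.
func BootVerify(vendorPub ed25519.PublicKey, img FirmwareImage) error {
	if !ed25519.Verify(vendorPub, imageDigest(img.Version, img.Code), img.Sig) {
		return errors.New("boot: business firmware signature invalid, refusing to load")
	}
	return nil
}

// SignTransactionAndScrub models the business firmware's handling of key
// material: derive the signing key from the 32-byte seed that lives in
// protected flash, sign the transaction, then overwrite the key with random
// bytes before returning. The scrubbed buffer is returned so a caller can
// confirm that nothing of the key remains in it.
func SignTransactionAndScrub(seed, tx []byte) (sig, scrubbed []byte, err error) {
	if len(seed) != ed25519.SeedSize {
		return nil, nil, errors.New("seed must be exactly 32 bytes")
	}
	priv := ed25519.NewKeyFromSeed(seed)
	sig = ed25519.Sign(priv, tx)
	if _, e := rand.Read(priv); e != nil { // overwrite the key material in place
		return nil, nil, e
	}
	return sig, []byte(priv), nil
}

func main() {
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(rand.Reader)
	img := SignFirmware(vendorPriv, 2, []byte("constructed business firmware v2"))
	fmt.Println("genuine image:", BootVerify(vendorPub, img))

	tampered := img // same signature, modified code: boot must refuse it
	tampered.Code = []byte("constructed firmware with a changed transfer address")
	fmt.Println("tampered image:", BootVerify(vendorPub, tampered))

	seed := make([]byte, ed25519.SeedSize) // constructed seed; a real one stays in flash
	rand.Read(seed)
	sig, scrubbed, _ := SignTransactionAndScrub(seed, []byte("constructed transaction"))
	fmt.Printf("signature %x...\nkey buffer after scrub %x...\n", sig[:8], scrubbed[:8])
}
```

The digest covers the version as well as the code so that a correctly signed but older image cannot be presented under a newer version number; a real boot firmware would also keep an anti-rollback counter, which this model leaves out. Overwriting the key slice only clears that one buffer: in a garbage-collected language copies may survive elsewhere, which is one reason the article's design keeps signing inside the chip rather than in an app.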