Glitch in the Matrix: Exploiting Bitcoin Hardware Wallets
Sergei Volokitin
What is a Hardware Wallet?
• Connects to smartphone, PC
• Stores and operates with private keys
• Mainly used for cryptocurrency keys
https://www.ledgerwallet.com/products/ledger-nano-s
https://www.keepkey.com/wp-content/uploads/2014/08/12121301/shapeshift-large.jpg
https://trezor.io/start/
KeepKey
https://www.keepkey.com/wp-content/uploads/2014/08/12121301/shapeshift-large.jpg
Why KeepKey?
https://www.keepkey.com/
KeepKey
https://www.amazon.com/KeepKey-Simple-Cryptocurrency-Hardware-Wallet/dp/B0143M2A5S
DEFCON presentation on TREZOR clone
Features
• STM32
• Flash on the chip
• Large attack surface (22 input commands without auth)
• Built-in 4 digit PIN security lock
• Open Source (bootloader and firmware)
• Built-in onboarding (seed generation and recovery)
• USB connectivity
• Super secure boot with three signatures and five keys!
Using HW wallet
Hardware architecture
• STM32F205
• Internal 1MB of flash
• There is secure boot
Why hardware attack
• Popular open source project
• SW is tested and patched over time
• General purpose MCU is used to keep the secrets
What is FI and how can it help?
• Corrupt data (0x00, 0xFF, 0x??)
• Corrupt instructions
• Skip instructions
• ...
Cracking the case
Can we glitch it?
Characterization
• Simple command to be sent to the device
• Ping command receives a message and sends it back
• Test if we can successfully glitch the hardware

    void fsm_msgPing(Ping *msg)
    {
        …
        /* Echo the caller's message back in the response. */
        if (msg->has_message) {
            resp->has_message = true;
            memcpy(&(resp->message), &(msg->message), sizeof(resp->message));
        }
        msg_write(MessageType_MessageType_Success, resp);
        go_home();
    }
[The next slide repeats this content with a "GLITCH!" marker added.]
No code execution, no easy trigger
• The power comes from USB and is quite noisy
• No modifications to the device were made
• When a command is sent a similar pattern is observed
[Figure: trace annotated with CMD, RESP and GLITCH!]
Characterization results
DEMO
Characterization results
Ping command response
HelloWorld
\01
H
H\00\00\00\00World
Hworld\10
Hel
Hel\08oWorld
Hell\00World
HelloW
HelloWo
Hell
Ping command response
HelloWorl\00
HelloWorlW
lelloWorld
\00elloWorld
He
He\00\00\00\00orld
##
HelloWorlD
@elloWorld
HElloWorld
Settings applied
Glitching the screen output
    /// Non-maskable interrupt handler
    void nmi_handler(void) {
        // Look for the clock instability interrupt. This is a security measure
        // that helps prevent clock glitching.
        if ((RCC_CIR & RCC_CIR_CSSF) != 0) {
            layout_warning_static("Clock instability detected. Reboot Device!");
            system_halt();
        }
    }
More glitches
Is there an exploitable glitch?
Getting full access to the device
GLITCH!
Getting full access to the device
FAIL!
Getting full access to the device #2
GLITCH!
SW Design leading to exploitable FI
• Glitching the if-statement is possible, but it does not change the flash
• fsm_msgResetDevice command, once glitched, only changes the PIN in RAM
• fsm_msgChangePin compares against the PIN in RAM and saves a new one to FLASH
[Diagram: KeepKey with a PIN in RAM and a PIN in FLASH; fsm_msgResetDevice and fsm_msgChangePin]
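The design issue in the bullets above, modelled as an added example (not KeepKey firmware and not code from the talk). The struct, the function names, the `check_skipped` flag that stands in for a fault, and the sample PINs are all assumptions made for illustration.

```c
#include <stdbool.h>
#include <string.h>
#define PIN_LEN 5 /* 4 digits + NUL */

typedef struct { /* hypothetical model of the slide, not KeepKey firmware */
    char flash_pin[PIN_LEN]; /* persisted PIN */
    char ram_pin[PIN_LEN];   /* volatile working copy */
    bool initialized;        /* lifecycle: device already set up */
} wallet_t;

static void set_pin(char dst[PIN_LEN], const char *src) {
    memset(dst, 0, PIN_LEN);
    for (int i = 0; i < PIN_LEN - 1 && src[i]; i++) dst[i] = src[i];
}

void wallet_boot(wallet_t *w, const char *stored_pin) {
    set_pin(w->flash_pin, stored_pin);
    set_pin(w->ram_pin, stored_pin);
    w->initialized = true;
}

/* check_skipped models a fault on the lifecycle check; only RAM changes. */
bool reset_device(wallet_t *w, const char *new_pin, bool check_skipped) {
    if (w->initialized && !check_skipped) return false;
    set_pin(w->ram_pin, new_pin);
    return true;
}

/* Design from the slide: compare against RAM, save to flash. */
bool change_pin_ram_checked(wallet_t *w, const char *cur, const char *next) {
    if (strncmp(cur, w->ram_pin, PIN_LEN) != 0) return false;
    set_pin(w->flash_pin, next);
    return true;
}

/* Hardened: refuse if RAM diverged from flash, then compare against flash. */
bool change_pin_flash_checked(wallet_t *w, const char *cur, const char *next) {
    if (memcmp(w->ram_pin, w->flash_pin, PIN_LEN) != 0) return false;
    if (strncmp(cur, w->flash_pin, PIN_LEN) != 0) return false;
    set_pin(w->flash_pin, next);
    set_pin(w->ram_pin, next);
    return true;
}

int main(void) { /* constructed PINs; exits 0 when the faulted state is rejected */
    wallet_t w;
    wallet_boot(&w, "4821");
    reset_device(&w, "0000", true);
    return change_pin_flash_checked(&w, "0000", "0000") ? 1 : 0;
}
```

Comparing against the flash copy removes the RAM-only shortcut described on the slide; it does not by itself make the comparison fault-resistant.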
Getting full access to the device #2
The attack:
1. Steal Find a device
2. Glitch the lifecycle check
3. Set a new PIN on the device, keep the seed
4. Unlock the device using the new pin...
5. Get full access to the device’s coins
GLITCH!
[Diagram, steps 1 to 5: GLITCH! → fsm_ResetDevice() → PIN RAM → fsm_msgChangePin(PIN RAM) → PIN FLASH → Profit!]
Results
Success rate ~1.2%
Attempt rate 0.3 att/sec
On average it takes 5 minutes to glitch the PIN
Conclusions
• Non-secure hardware is easily glitchable
• Simple FI countermeasures are not sufficient against EMFI
• A large set of commands available to an unauthorized user is difficult to secure
Questions?
Challenge your security
Riscure B.V.
Frontier Building, Delftechpark 49
2628 XJ Delft
The Netherlands
Phone: +31 15 251 40 90
www.riscure.com
Riscure North America
550 Kearny St., Suite 330
San Francisco, CA 94108 USA
Phone: +1 650 646 99 79
Riscure China
Room 2030-31, No. 989, Changle Road, Shanghai 200031
China
Phone: +86 21 5117 5435