Informace o publikaci
Large-Scale Security Analysis of Hardware Wallets
| Autoři | |
|---|---|
| Rok publikování | 2025 |
| Druh | Článek ve sborníku |
| Fakulta / Pracoviště MU | |
| Citace | |
| Doi | https://doi.org/10.1007/978-3-032-00633-2_21 |
| Klíčová slova | Hardware wallets; TRNG; ECDSA; Robotic testing |
| Popis | Cryptocurrency hardware wallets (HWWs) are dedicated offline devices that securely store cryptographic keys and perform internal message signing to prevent key exposure. Signing typically requires physical user interaction – such as pressing a button or using a fingerprint sensor – which provides strong protection against compromised hosts. However, this physical requirement significantly hinders independent, automated testing on real devices, often forcing reliance on software emulators or vendor claims. We introduce a low-cost, fully automated, and reproducible testing platform to address this limitation. The platform replicates essential human interactions, including physical button presses and touchscreen inputs, incorporates Optical Character Recognition (OCR) for extracting screen content, and records precise timing metadata. These capabilities enable us to perform a comprehensive evaluation of HWWs. Using this automated platform, we collected a dataset containing 3.4 million wallet recovery phrases, 3.4 million Elliptic Curve Digital Signature Algorithm (ECDSA) signatures, and the corresponding timing measurements. Data acquisition was performed on 17 hardware wallet models from 11 different vendors, using firmware versions available in 2023 and in 2025 to enable a comparative analysis. The data examination revealed several details about internal implementation characteristics, yet no significant cryptographic weaknesses were identified. This outcome is particularly interesting given the recent emergence of elliptic-curve cryptography (ECC) vulnerabilities, such as TPM-Fail, Minerva, or TPM-Scan, for example. Several factors are proposed to explain the comparatively stronger security posture observed in HWWs, including domain-specific design choices and operational constraints that may provide inherent resilience, even in the absence of formal certification processes. |