In particular, Ledger has highlighted five vulnerabilities in Trezor products. Ledger claims to have contacted Trezor over the issues four months ago, stating: “We responsibly disclosed these vulnerabilities to the vendor, allowing them to take appropriate measures for protecting their users.
“Now that the responsible disclosure period, including two extensions, has expired, we wanted to share the details with you in spirit of full awareness and transparency.”
Alongside this, it found that the Trezor product can be opened up, have a ‘backdoor’ inserted, and be re-sealed.
The second vulnerability found by Ledger was in regard to the pin code. It found that it is possible to guess the value of the pin using a side channel attack.
A side channel attack consists of presenting a random pin number and then measuring the power consumption of the device when it compares the presented pin with the actual value of the pin.
Ledger claims to have cracked the pin in less than 5 attempts using this method.
Trezor has however patched this vulnerability in firmware update 1.8.0.
Vulnerabilities 3 and 4
It found that an attacker with physical access to the devices can extract all the data stored within the flash memory. Attackers can then deplete all assets from the user’s accounts.
Ledger does not believe this issue can be patched. It believes it can only be circumvented by overhauling the design to incorporate a Secure Element Chip. This would involve replacing a general purpose chip already implemented.
Scalar Multiplication is a core function in cryptography. In particular, Ledger notes it is the core function for signing transactions.
Utilising a digital oscilloscope alongside a few other measurements, Ledger was able to extract the key of a transaction using side channel analysis.
Ledger has reported this issue to Trezor – which can be patched – but also noted how it does not directly affect Trezor’s security model. This is because the operation cannot be triggered without knowing the device’s pin beforehand.
Trezor official statement
The company claims that while Ledger did report and communicate with it over the suspected vulnerabilities, “some of the facts are represented differently”, which has led to “an alarmist interpretation of the vulnerabilities”.
Trezor has stated that supply chain attacks affect all hardware in transport and that there is no “100% solution”, as well as noting “all companies have different methods to mitigate this”.
The company claims that the side channel pin attack has been patched.
Trezor has also responded to the Scalar Multiplication allegation stating that it is “non-exploitable” since a pin is required.
It also comments on how “none of these attacks are exploitable remotely. All of the demonstrated attack vectors require physical access to the device, specialised equipment, time, and technical expertise”.
Disclaimer: The views and opinions expressed by the author should not be considered as financial advice. We do not give advice on financial products.