“Mit ausreichenden Ressourcen und dem richtigen Know-how ist ein Angreifer in der Lage, den Recovery-Seed aus jeder Hardware-Wallet zu extrahieren.”
- Dieses Thema hat 5 Antworten und 1 Teilnehmer, und wurde zuletzt aktualisiert vor 11 Monaten von
.
-
Beiträge
-
-
Ich verstehe nicht, warum dies auch für andere Hardware-Geldbörsen wie Ledger, ColdCard usw. gilt. Kann mir das jemand erklären?
Quelle:
[https://blog.trezor.io/is-your-passphrase-strong-enough-d687f44c63af](https://blog.trezor.io/is-your-passphrase-strong-enough-d687f44c63af)
-
The private keys on the device are protected by strong encryption – usually something like AES. The encryption key is derived from your *passphrase* or PIN that you use to unlock the hardware wallet and sign the transaction.
If the attacker can gain access to the ciphertext (by reading the encrypted data from the hardware device), then they can start to brute-force the passphrase. Basically guess and guess using a big server farm, trying possible passwords until they get a correct decryption.
That’s why creating a strong, high *entropy* passphrase for the device encryption is so critical. Given sufficient entropy (randomness) in the passphrase, it becomes unfeasible for an attacker to guess the passphrase even with a LOT of resources.
Provided that the encryption is correctly implemented, the factor that decides whether or not the encryption is able to be cracked is the strength of the passphrase.
Using a random passphrase generator or diceware for a high entropy but also human readable/rememberable passphrase. One that’s strong but easy to write down or store in an encrypted password manager for later use. Never put the seed in a password manager since it defeats the purpose of a HW wallet.
-
> like Ledger, Coldcard
* Coldcard: https://blog.ledger.com/coldcard-pin-code/
* Ledger: https://support.ledger.com/hc/en-us/articles/360015738179
Nothing can be 100% secure. Just “mostly” secure. There will always be possible vulnerabilities. The key take away is that all of these vulnerabilities have been fixed in subsequent software / hardware updates. Just stay well informed and keep your software / firmware stack up to date and you will be fine.
-
-
When push comes to shove, you can always burn off the chip casing with acid and then use an electron microscope to “read” the bits stored in memory. In case of a Secure Element, this will also allow you to read the private keys that are used to encrypt the stored data.
This is super expensive, takes a long time, and 99.9 % of the time is absolutely not worth it. But “with sufficient resources” it _can_ be done.
—
Or, an attacker can steal your HWW, 3D-print an _exact replica_ and install some communication hardware inside. Then when you come back home and plug in the device, it will just stream the image from the original device. You input the PIN, this gets sent to the attacker, who unlocks your actual device, and again, the screen gets reported back to you, etc. etc., except now the attacker has your PIN and possibly passphrase.
Again, this would be a huge engineering project (extra difficult with a CC which is transparent, so the PCB would need to _look_ the same — but of course nothing is preventing a dedicated attacker with “sufficien resources and the right expertise” from custom casing a much more powerful CPU plus a GSM modem so that it looks exactly like a STM32 from the outside). And it’s absolutely not worth it. But it’s technically doable.
—
Or, much more realistic, an attacker with “sufficient resources and the right expertise” _will_ be able to search your house without you noticing, break into your safe without you noticing, and copying over the seed, and then install a camera or a keylogger to grab the passphrase that you are using.
—
This all basically means that (physical) security is never a 100% thing.
Similar to the lock on your front doors: its job is _not_ to prevent a thief from entering. If someone wishes to enter hard enough, they _will_ be able to do it.
Its job is to get the thief to move on to an easier target.
Hardware wallets are much the same.
-
You could get a Keystone Pro ([https://keyst.one/](https://keyst.one/)). Their hardware wallet features an integrated self-destruction mechanism designed to thwart $5 wrench attacks.
-
- Du musst angemeldet sein, um auf dieses Thema antworten zu können.
