0

Extracting the Private Key from a TREZOR Bitcoin Wallet with a $70 Oscilloscope

Hacking Trezor

2015 – excellent work by Jochen Hoenicke on using an inexpensive oscilloscope to monitor the power drawn by a TREZOR bitcoin wallet to determine what data it was processing.

He writes:

There were some discussions on reddit whether TREZOR, a hardware wallet for securely storing Bitcoins, can be attacked using side channels like power fluctuations, electromagnetic radiations or similar. Such an attack would allow for retrieving the private key that gives access to the Bitcoins stored on the TREZOR. Usually the discussions of side-channel attacks mention the code that signs a Bitcoin transaction. To sign a transaction on the TREZOR, you need to enter the secret PIN first. So this is not useful in the scenario where the attacker has physical access to the device but does not know the PIN.

He explains how you can recover a private key from a TREZOR, if it still runs with firmware 1.3.1.  It is an interesting read on how to take a device and see what is happening inside based on the power it is drawing.

Scope Output

Jochen did the right thing and informed Satoshi Labs of his result first. This is why the latest firmware, 1.3.3, will ask for a PIN when computing the public key. Also Satoshi included his suggested patches in the latest firmware that will reduce the information leaked through side-channels during computation of public keys, signatures, and decryption.

Read the entire investigation on Jochen’s website.

Do you like this type of investigation, let us know in the comments!

 

Make a robot friend with Adafruit’s CRICKIT – A Creative Robotics & Interactive Construction Kit. It’s an add-on to our popular Circuit Playground Express, FEATHER and other platforms to make and program robots with CircuitPython, MakeCode, and Arduino. Start controlling motors, servos, solenoids. You also get signal pins, capacitive touch sensors, a NeoPixel driver and amplified speaker output. It complements & extends your boards so you can still use all the goodies on the microcontroller, now you have a robotics playground as well.

Join 7,500+ makers on Adafruit’s Discord channels and be part of the community! http://adafru.it/discord

CircuitPython in 2018 – Python on Microcontrollers is here!

Have an amazing project to share? Join the SHOW-AND-TELL every Wednesday night at 7:30pm ET on Google+ Hangouts.

Join us every Wednesday night at 8pm ET for Ask an Engineer!

Follow Adafruit on Instagram for top secret new products, behinds the scenes and more https://www.instagram.com/adafruit/

Maker Business — Fewer startups, and other collateral damage from the 2018 tariffs

Wearables — Light as a Worbla feather

Electronics — How to make your own magnetic field probe!

Biohacking — The State of DNA Analysis in Three Mindmaps

Python for Microcontrollers — One year of CircuitPython weeklies!

Get the only spam-free daily newsletter about wearables, running a "maker business", electronic tips and more! Subscribe at AdafruitDaily.com !

No Comments

No comments yet.

Sorry, the comment form is closed at this time.

Filed under: bitcoin, hackers
Tags: , , — by Mike Barela

Comments Off on Extracting the Private Key from a TREZOR Bitcoin Wallet with a $70 Oscilloscope