Trezor hits back at Ledger; releases report to counter claims of its wallets being vulnerable to attacks


ambcrypto.com 13 March 2019 07:00, UTC
Trezor wallet responded to Ledger’s claims that its devices were vulnerable to attacks. At the recently held MIT Bitcoin Expo in Boston, Charles Guillemet, the Chief Security Officer at Ledger, had made news after he publicly stated that four of Trezor’s devices were “completely broken.” Ledger later went on to release a report titled “Our Shared Security: Responsibly Disclosing Competitor Vulnerabilities,” which detailed five key vulnerabilities in their competitor’s products.

A day after Ledger published their report, Trezor responded to the assertions made by their competitor, with a report of their own titled, “Our Response to Ledger’s #MITBitcoinExpo Findings.”

Trezor began by stating that the attacks mentioned in their competitor’s report were not “exploitable.” It said,

“Starting off, we would like to highlight the fact that none of these attacks are exploitable remotely. All of the demonstrated attack vectors require physical access to the device, specialized equipment, time, and technical expertise.”

In the Ledger report, the third, fourth and fifth vulnerabilities related to data anonymity and the extraction of secret keys, and all of them required physical access to the wallet.

Referencing a report by Binance, Trezor’s report stated that only 5.93 percent of respondents suggested physical attacks or thefts as being the most pertinent threat, with 66 percent suggesting that remote attacks presented a more urgent concern. Based on the study, Trezor stated that the customers concerned with physical attacks can be “protected using a passphrase.”

They further stated that defending against remote attacks was the main purpose of hardware wallets,

“The primary purpose of a hardware wallet has always been to protect users and funds against malware attacks, computer viruses, and various other remote dangers (like stealing all funds from Ledger via the Stealth Change Address).”

To Ledger’s first claim, that the integrity of Trezor devices can be imitated (a tampered device passing as genuine), Trezor replied,

“There is no way a piece of hardware can inspect itself and verify its integrity. Hardware attestation is not a solution, as hardware modifications can be (and have been) added, resulting in the device confirming it is genuine.”

With respect to the Side Channel Attack vulnerability claimed by Ledger, Trezor stated that this vulnerability would be closed “by back-porting the way to store data” from the Trezor Model T to the Trezor One.

Once the PIN vulnerability is resolved, the secret key extraction using the Side Channel Scalar Multiplication can also be rectified, the hardware manufacturer stated. The aforementioned claims rest on the assumption that the attacker has both physical access to the device and the user’s PIN, which Trezor disputed.

Trezor stated that they were asked by Ledger not to mention the surprise concluding attack due to its wider implications for the microchip industry. They further added that the company refrained from giving any more information to this effect.

Finally, Trezor appealed to its users to set up a passphrase-protected wallet with multiple passphrases for additional security. Marek Palatinus, the CEO of SatoshiLabs and the creator of Trezor hardware wallets, concluded,

“We would like to thank Ledger for practically demonstrating the attack that we have been aware of since designing Trezor. Because we realize no hardware is 100% safe, we introduced the concept of passphrase; that besides plausible deniability eliminates many kinds of physical attacks, like this one.”
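The passphrase defence Palatinus describes works because the passphrase is mixed into the wallet’s key derivation itself: under the BIP39 scheme Trezor uses (a fact not stated on the page), the recovery words alone do not determine the wallet. The Python below is an added illustration, not code from Trezor or from the original article; it uses the public BIP39 all-“abandon” test mnemonic and shows that each passphrase yields a different, equally valid seed, so secret words extracted from a device still do not unlock the funds held behind a passphrase.

```python
import hashlib
import unicodedata

# Constructed sample input: the standard BIP39 test mnemonic (all-zero entropy, 12 words).
MNEMONIC = "abandon " * 11 + "about"


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Derive the 64-byte BIP39 seed from a mnemonic and an optional passphrase.

    BIP39: PBKDF2-HMAC-SHA512, 2048 rounds, password = NFKD(mnemonic),
    salt = "mnemonic" + NFKD(passphrase).  An empty passphrase is a valid,
    ordinary wallet, which is what makes the scheme plausibly deniable.
    """
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)


def wallets_for(mnemonic: str, passphrases: list[str]) -> dict[str, str]:
    """Map each passphrase to the hex seed it unlocks from the same recovery words.

    Every entry is a distinct wallet: extracting the words from the device does
    not reveal which passphrases exist, nor which one guards the real funds.
    """
    return {p: bip39_seed(mnemonic, p).hex() for p in passphrases}


def distinct_wallets(mnemonic: str, passphrases: list[str]) -> int:
    """Count how many different seeds the given passphrases produce (expected: all)."""
    return len(set(wallets_for(mnemonic, passphrases).values()))


if __name__ == "__main__":
    # "" is the decoy wallet an attacker sees; "TREZOR" is the official BIP39 test vector.
    for pp, seed in wallets_for(MNEMONIC, ["", "TREZOR", "my-real-passphrase"]).items():
        print(f"passphrase={pp!r:22} seed={seed[:16]}...")
```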

Trezor’s responses to the claims made by their competitor were summed up in a graphic (Source: Trezor).