A 15-year-old security man discovers a deficit in the digital "Ledger"

A 15-year-old security researcher discovered a serious flaw in the Ledger digital currency portfolio system, a French company whose products are designed to protect public and private keys used to receive or send user digital currency.

Hardware wallets such as those sold by Ledger are designed to protect private user keys from malicious software that may attempt to reap these credentials from a user's computer. Devices enable transactions via a USB port connection on a user's computer, but they do not reveal the private key of the computer. However, Salim Rashed, a 15-year-old UK security researcher, discovered a way to get special keys from the Ledger system. The Raid method requires that the attacker have physical access to the device. This type of hack is usually unnoticeable because they fall under the # 1 security rule - that is, if the attacker has physical access to your device, it is no longer your device.

The problem is that consumer demand for Ledger products has surpassed the company's production capacity (it sold more than 1 million of the most popular Nano S models to date). This has led the company's chief technical officer to publicly announce that the built-in Ledger portfolio security model is so strong that it is safe to purchase products from a wide range of third-party vendors, including Amazon and eBay. But Rashid has discovered that the Ledger product distributor can update the hardware with a malicious software program that is expected to be used by potential buyers, then wipe the private key and drain the user's digital currency when it is accessed by the user.

The main problem is that the Ledger devices contain a secure processor chip and an insecure microcontroller chip. The latter uses a variety of non-security purposes to handle USB connections to display text on the digital display on Ledger devices, but chips still pass information between each other. Rashid found that the attacker could expose the microprocessor to risk in Ledger devices to run malicious code without being detected. Ledger's products also have an audit mechanism to make sure that the software commands that power the devices are not being modified, but a rich demonstration of the software concept - released today in conjunction with the Ledger announcement about the new firmware update designed to fix the error - shows that an attacker is allowed to force the device on Avoid those security checks. He said in an interview with KrebsOnSecurity:

"You basically trust an insecure chip by not changing what is displayed on the screen or changing what the buttons say. You can install what you want on this unsafe chip, because the symbolic commands that work there can lie to you "

Kenneth White, Project Manager, Open Crypto Audit, had the opportunity to review Rashed's results before publishing them today. White said he was impressed by the elegance of the assault law to prove the concept, which Rashid sent to Ledger about four months ago. White said that the commands of the software developer spoil the security of the Ledger process to generate backup code commands for the user's private key, which relies on a random number generator that can be produced to produce non-random results. He said:

## "In this case, [the attacker] can adjust it the way he wants. The victim generates keys and backup commands, but is actually foreseen by the attacker because he controls the random number generator in the Ledger "

Rashid said Ledger initially rejected his findings as unbelievable. But in a blog she published today, Ledger says she has since redressed the flaw Rashid found - along with other discoveries by various security researchers - in updating the firmware of the Nano-S firmware from version 1.3.1 to release 1.4.1 (The firmware update was already released by the company on March 6, which may give the attackers time to reverse engineer a router).

The company is still working on an update to the more expensive Ledger Blue devices, which Charles Glemit, the company's security officer, said would be ready soon. Gilmit said that Nano-S devices should alert users to a firmware update that is available when the client connects the device to the computer.

"The weakness he found was based on the fact that the secure element was trying to authenticate the microcontroller, and that the authentication was not strong enough," he told KrebsOnSecurity. This update works with authentication more tightly so that the user can not be deceived. Rashid added that Ledger does not include a tamper protection seal or any other device that warns customers that the Nano S was actually opened or modified before being used for the first time by the customer, unlike its competitors in the hardware industry. In response to the question whether Ledger intends to add protection to tampering with its products, Gulmit said that such mechanisms do not add any protection. He explained:

"For us, the tamper protection seal does not add security to the device because it is very easy to fake, and you can buy some security seals from the Internet. For us, from the lie to our customers use this kind of seal to prove the genuineness of our product "

He added that despite Rashed's findings, he saw no reason to change his recommendation that customers interested in freedom be interested in buying the company's products through other suppliers. And he said:

"As we have upgraded our solution to validate our product using cryptographic tests, I do not see why this statement should be changed"

. However, since many digital currency owners are turning into wallets