Post
Topic
Board Beginners & Help
Re: Cold Storage scam
by Cobo_Vault on 24/04/2020, 08:44:33 UTC
We have a solution to supply chain attacks we would like the community to know about because it uses the same cryptographic algorithm used in Bitcoin to make sure the Secure Element isn't bypassed when it gets to you (and you end up with private keys that someone else has access to).

This is how it works:

Each hardware wallet has a pair of public and private keys pre-installed in the Secure Element during manufacturing that is used solely for the purpose of Web Authentication. This pair of keys has nothing to do with the public and private master key pair generated from physical entropy by the Secure Element for the HD wallet during initialization of the device. We will call this pair of public and private keys Web Authentication keys.

The backend of the Web Authentication page is operated by a hardware security module (HSM) server, which is a highly secure cryptoprocessing service offered by AWS. Like a Secure Element, it also has a pair of public and private keys. Each device’s Secure Element knows the public key of the HSM server, while the HSM server knows that device’s Web Authentication public key.

On the Web Authentication page, you will be prompted to scan a QR code. This QR code is a random string of numbers generated by the HSM which has been encrypted with your device’s Web Authentication public key and then signed by the HSM’s private key. When you scan this QR code, your hardware wallet will first use the HSM’s public key to verify the HSM server’s signature of the message. This is to ensure that the QR code you are looking at is from the official Web Authentication page, and that you are not the victim of a phishing scam.

The device will then use its Web Authentication private key to decrypt the message that was encrypted with its public key by the HSM server. This results in the 8 digits you are asked to enter into the Web Authentication page after scanning the QR code. The HSM system will then check to see whether the digits align with the original random string it generated. If Web Authentication fails, you will not want to use your device at all. A failure message indicates that either your device is not operating the Secure Element it was manufactured with, or that your device was swapped out for a counterfeit entirely.
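
The exchange described in the post above, as an added example that is not part of the original post and is not Cobo's code. Textbook RSA over small constructed primes stands in for the real signature and encryption algorithms, and every name in it (`hsm_issue`, `device_scan`, `hsm_check`, `run`) is hypothetical.

```python
import hashlib, hmac, secrets

E = 65537  # public exponent shared by all toy keys below

def keypair(p, q):
    """Toy RSA key from two primes; returns (modulus, private exponent)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Constructed keys built from Mersenne primes, for illustration only.
HSM_N, HSM_D = keypair(2**127 - 1, 2**107 - 1)   # backend HSM
DEV_N, DEV_D = keypair(2**89 - 1, 2**61 - 1)     # genuine Secure Element
BAD_N, BAD_D = keypair(2**31 - 1, 2**19 - 1)     # phishing site / swapped chip

def digest(ct, n):
    h = hashlib.sha256(str(ct).encode()).digest()
    return int.from_bytes(h, "big") % n

def hsm_issue(dev_n, sign_n=HSM_N, sign_d=HSM_D):
    """Server: pick 8 random digits, encrypt to the device, sign the result."""
    code = secrets.randbelow(10**8)
    # Random high part so equal codes do not give equal ciphertexts (toy padding).
    m = (1 + secrets.randbits(64)) * 10**8 + code
    ct = pow(m, E, dev_n)
    sig = pow(digest(ct, sign_n), sign_d, sign_n)
    return f"{code:08d}", (ct, sig)          # (ct, sig) is the QR payload

def device_scan(qr, dev_n, dev_d, pinned_hsm_n=HSM_N):
    """Device: verify the HSM signature first; decrypt only if it holds."""
    ct, sig = qr
    if pow(sig, E, pinned_hsm_n) != digest(ct, pinned_hsm_n):
        return None                          # QR not signed by the pinned HSM key
    return f"{pow(ct, dev_d, dev_n) % 10**8:08d}"

def hsm_check(expected, entered):
    """Server: constant-time comparison of the digits typed into the page."""
    return entered is not None and hmac.compare_digest(expected, entered)

def run(dev_key=(DEV_N, DEV_D), signer=(HSM_N, HSM_D)):
    expected, qr = hsm_issue(DEV_N, *signer)  # HSM encrypts to the enrolled key
    return hsm_check(expected, device_scan(qr, *dev_key))

if __name__ == "__main__":
    print("genuine device:", run())
    print("swapped Secure Element:", run(dev_key=(BAD_N, BAD_D)))
    print("phishing page QR:", run(signer=(BAD_N, BAD_D)))
```

A device holding any key other than the enrolled one decrypts to unrelated digits, and a QR code signed by any key other than the pinned HSM key is rejected before decryption is attempted.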