Re: Secure Element in Hardware Wallets

Quote from: JL0 on May 27, 2022, 06:23:08 PM

Quote from: dkbit98 on May 25, 2022, 03:34:25 PM

Secure element information updated for ColdCard Mk4 hardware wallet, that now have two secure elements SE1 Microchip ATECC608B and SE2 Maxim DS28C36B, along with STM32 main microcontroller.
They are using something called Pairing Secret, that means that secret is shared between three components, two secure elements and microprocessor.
If one of those chips get's compromised, wallet with secret will be safe, and they use trick PIN's for improving security of their devices.
ColdCard developers explained better in more details how Dual Secure Elements work on their github page:
https://raw.githubusercontent.com/Coldcard/firmware/master/docs/mk4-secure-elements.md

More information about second secure element they use - DeepCover Secure Authenticator Maxim DS28C36:
https://www.maximintegrated.com/en/products/embedded-security/secure-authenticators/DS28C36.html

Are there other wallets that use such a procedure?

The term "pairing secret" sounded familiar and I could swear I saw it somewhere before. Turns out that Coldcard's Mk2 hardware wallets use pairing secret as well, but only between one secure element and the microcontroller. Ledger's Donjon team successfully attacked the older ATECC508A secure element chip with laser beans back in 2020, but such an attack is not possible on the newer chip models.