IEEE Access (Jan 2024)

Cloning Hardware Wallet Without Valid Credentials Through Side-Channel Analysis of Hash Function

  • Dongjun Park,
  • Joonsup Kim,
  • HeeSeok Kim,
  • Seokhie Hong

DOI
https://doi.org/10.1109/ACCESS.2024.3440370
Journal volume & issue
Vol. 12
pp. 132677 – 132688

Abstract

Read online

Hardware wallets, specialized devices designed to securely manage users’ credentials, play a crucial role in securing cryptocurrencies, ensuring credentials remain under user control without reliance on third-party entities. However, despite extensive research on Side-Channel Analysis (SCA) attacks, studies specifically addressing their implications for hardware wallets remain relatively limited. While previous work has demonstrated various SCA attacks on hardware wallets, most of these attacks require sophisticated environmental controls or detailed knowledge of target device. In addition, some attacks assume unrealistic scenarios that require valid credentials to conduct the attacks. This paper introduces a novel SCA attack on hardware wallets to extract master seeds—a foundational component in the security of hardware wallets. Our proposed attack leverages power traces obtained during the processing of the Keyed-Hash Message Authentication Code (HMAC), or more precisely, the Secure Hash Algorithm 2 (SHA-2) inside the HMAC. Notably, our attack is non-invasive, ensuring the integrity of the target device, thereby making it difficult for the wallet owners to detect the attack. Furthermore, our attack can be conducted without a profiling phase, excluding the excessive capabilities required for the attack.

Keywords