A Closer Look Into Ledger Security: the Root of Trust

02/25/2019 | Blog posts


In the previous articles, we have taken a closer look at Secure Elements and our custom Operating System – BOLOS. This time, we will take a closer look at the Root of Trust.

When receiving their Ledger device, most want to immediately start using it. One will notice, however, that there is no security seal on the packaging to show that this is a legitimate Ledger device.

It is paramount to ensure that your device is genuine. An attacker could otherwise have replaced a genuine device by a fake and backdoored one. In this case, he would be able to access to your crypto assets afterwards. Anti-tampering seals (or holographic seals) can give you a false sense of security. Not only are they trivial to clone, but it is also easy to open and close a package without damaging the seal.

As cryptocurrencies are a high value target for attackers, a real security mechanism is required to make sure that your device is a genuine one.
At Ledger, we use a cryptographic mechanism to check if your device is a genuine Ledger hardware wallet.

We use a validation process based on a Root of Trust.

What is an attestation and how does it work?

The attestation is a validation process that can check the genuineness of Ledger devices.

In simple words, every time you use a Ledger device to process a critical action at the firmware level (such as updating the OS, installing or removing apps), an HSM (secure server) will send a challenge to the device (a randomly generated number). This means it is requesting the device to prove its genuineness. The device can prove that it is genuine by providing a correct signature for the challenge.     

If the server is able to verify the signature of the device, it validates its genuineness and allows the connection. If this is not the case, it blocks it instead.

Let’s take a closer look into it.

Setting up an attestation for Ledger devices during manufacturing:

To be able to make use of a Root of Trust, the following steps take place during the manufacturing of a device:


This attestation allows Ledger’s HSM  to verify if the device is genuine afterwards.

Using the Root of Trust after manufacturing:

When using the Ledger device for the first time, there will be a verification of its genuineness.

Here is how it works:


Ledger genuine deviceIf the device’s signature is confirmed as correct by the HSM, the device will be established as genuine, and will be allowed to access the Ledger Live manager.


Ledger device not genuine

Otherwise, a warning message is shown indicating the device is not genuine and the Ledger Live manager will be inaccessible.

This authentication procedure protects Ledger users against counterfeited Ledger devices.

When do we use a Root of Trust to check if a device is genuine?:

None of the previous mentioned can be performed with a counterfeited device.

What if Ledger did not make use of a Root of Trust ?

If Ledger devices did not use the attestation mechanism, anyone could tamper with a device to turn it into a tool for stealing your crypto assets. Equally, one could create a completely different device that looks completely identical to a Ledger Nano S, and load this clone with corrupt software designed to steal crypto assets from its users.

A “security” seal is nothing compared to a cryptographic mechanism. It’s easy to counterfeit, and gives a false sense of security. If it is possible for hackers to tamper with or mimic a device in such a way that allows them to steal crypto assets, it would be a much easier task to replicate one of these stickers, let alone removing one and sticking it back on again.

Conclusion

Leveraging a Root of Trust for our hardware wallets is essential for security. This genuineness mechanism allows us to block fake devices pretending to be real Ledger hardware wallets. Furthermore, you will be able to update your device without the risk of a rogue firmware or app being installed. This helps protect your crypto assets.

For our next articles, we will look into how we at Ledger keep our edge. The first of three will cover our bounty program.

The Ledger Nano X – our next generation hardware wallet, is now available for pre-order. Click on the banner underneath to learn more about it:
Pre-order Ledger Nano X