Not All Chips are Born Equal
|– The security of your crypto assets is highly dependent on the type of chips used.|
– MCU chips are not designed for security and don’t have countermeasures against physical attacks embedded. They are intended for general purposes such as microwaves and TV remotes.
– Safe Memory chips used in hardware wallets have claimed its security even though it has never been tested by an unbiased third party security lab.
– At Ledger, we only use Secure Elements which have been tested by an unbiased third party. These are the only chips accepted for secure solutions such as passports and banking cards.
Hardware wallets are designed to keep your private keys completely offline, ensuring it stays out of reach for online hacks while also providing countermeasures for physical tampering. For this, the hardware used is absolutely vital. At Ledger, we only use the most cutting-edge chips for securing your crypto assets: Secure Elements – Common Criteria Certified Smartcard Chips.
When choosing hardware wallets, an often overlooked part is the actual hardware of the devices. The chips used in hardware wallet devices are the actual physical part which stores the access to all your crypto assets: your recovery phrase (also known as mnemonic phrase). To put it simply: if anyone gains access to this information, it’s game over.
It’s key that the chips used to protect this vital piece of information from anyone wishing to take it is extremely secure, but not all chip types provide the same level of resistance against attacks. You wouldn’t want a chip used in a vacuum cleaner or microwave to be protecting the access to your valuable cryptocurrencies – they’re simply not designed for secure solutions. That’s why at Ledger, we only use the most advanced secure chips called Secure Elements to safeguard your crypto assets, whereas other hardware wallet manufacturers have opted for other chip types. Today, we’re showing you the advantages of using only the most secure chips and why not doing so can be catastrophic.
Microcontroller Unit (MCU)
A generic Microcontroller unit, or MCU in short, is found in lots of different, non-secure devices. Examples of this would be its usage in microwaves or TV remotes. While these chips provide a lot of flexibility for its operations, the hardware is simply not as resistant to physical attacks as other options. Especially when considering the potentially catastrophic outcomes with cryptocurrencies, it is absolutely vital that your private keys are extremely well protected. MCU chips, for example, tend to be vulnerable to voltage and clock glitching – an inexpensive and easy to perform attack method.
While indeed using a passphrase for your hardware wallet using a MCU chip can mitigate this, it does mean that you are forced and dependent on using this advanced feature. Furthermore, you must ensure using a strong passphrase (minimally 37 characters) as it can be brute forced otherwise. Equally, the passphrase needs to be inserted anytime you wish to use your hardware wallet. Any mistake in your passphrase would lead to loss of your crypto assets.
Examples of hardware wallets using an MCU chip to store your recovery phrase: Trezor, Keepkey.
A significant step up from MCU chips are Safe Memory chips. These types of chips are mentioned to provide several countermeasures against physical attacks. There is, however, a major difference between these chips and a Secure Element.
Unlike actual Secure Elements, Safe Memory chips claim their advantages without any given proof. These chips have not gone through the process known as certification, where a security lab evaluates and gives your chip a seal of approval if it successfully withstood their attempts at cracking it. This means that all claims made could be completely ungrounded. It has not undergone intensive testing in which a completely independent, third party security lab tried everything they can to obtain the information stored within the chip..
While claiming to be equal, these chips cannot be seen as Secure Elements due to the lack of being certified. For this, the security of the chip would need to have been evaluated to ensure the claims made are correct. As a result, these chips are refused for secure solutions such as banking cards and passports.
These chips are a bit less flexible as well. The most commonly used Safe Memory chips can perform scalar multiplication on a single elliptic curve which doesn’t work for signing Bitcoin transactions. To mitigate this for hardware wallets, these devices use a dual chip system, with a MCU to help it for faster processing. A deeply concerning fact is that the hardware wallets using Safe Memory chips actually send the private key out of its Safe Memory chip to the MCU when processing transactions. Due to this, it becomes much more vulnerable to side-channel attacks and it increases the attack surface.
Examples of hardware wallets that use a Safe Memory chip: ColdCard, Bitbox.
Secure Elements (SE)
The chip of choice for Ledger hardware wallets, Secure Elements rank among the most secure solutions for storing critical data. These chips are often found in the most high-end data storage solutions such as passports and credit cards. As the data stored through it must under all circumstances remain inaccessible to malicious parties, the chips used in Ledger devices are resistant to fault injections, attacks performed with a high-precision laser, electromagnetic injection, voltage and clock glitching and many more. It is designed to resist extremely sophisticated attacks, providing you with optimal security for your crypto assets and granting you peace of mind. More on its protections against physical attacks can be found here.
Unlike Safe Memory chips, Secure Element chips are certified and have undergone intensive testing by a third-party security lab. By having successfully withstood the attacks performed by them, our Secure Element chips have gotten their seal of approval to show the world it’s been thoroughly tested, thus being certified. We even went a step further and had our entire hardware wallet’s system tested and certified – a first in the market. Both the Ledger Nano S and the Ledger Nano X are certified hardware wallets. We hope to set a new security standard for hardware wallets with this.
While Ledger is using a dual chip system with an MCU as well, the important part is that your private keys remain inside the Secure Element – they are not sent out for processing transactions. Equally the device’s firmware and all cryptographic operations are held within the Secure Element chip.
Ledger is the only hardware wallet that uses chips that are certified by a third party: Secure Elements.
Comparing the Three Chip Types
For your convenience, we have compared the three chips and its use in hardware wallets for you to more easily gain insights into the advantages and disadvantages of each.