Keeping Our Edge: Certification
In the previous interviews with Charles Guillemet, we discussed our bounty program and our attack lab, both of which exist to continuously improve our security. In this last edition of our security-focused articles, we take a closer look at certification.
What is security certification?
Generally speaking, certification shows that a product has been assessed by a third party and meets a defined standard. In security technology, certification shows that a specific piece of hardware or software has undergone extensive testing and meets a defined security standard.
Our Ledger hardware wallets use state-of-the-art Secure Element chips, the same class of chip used in high-end security solutions that protect critical data such as credit cards, passports and pay-TV. These chips are certified for their high security level. In those applications, this level of security is required by a third party; for hardware wallets, no such requirement exists. At Ledger, we believe it is our responsibility to provide the highest level of security regardless.
The Secure Elements used in Ledger devices have passed a Common Criteria security evaluation – an international standard for banking cards and state requirements – and have obtained an EAL5+ certificate.
What are the EAL certification levels?
EAL is the abbreviation for Evaluation Assurance Level, and there are seven different levels.
As mentioned, the Secure Elements we use are certified at EAL 5+. In this framework, the threat model considers an attacker with both remote and physical access to the device. The EAL evaluation process takes several elements into consideration, such as:
– Life cycle / supply chain
– Development procedure
– Functional test
– Penetration test
Reaching EAL 5+ means the product has attained the highest level of security with respect to penetration testing; the levels above EAL 5+ do not provide higher assurance against attacks.
There are many types of certification. EAL is the most renowned and internationally recognized certificate, but national and even local certificates may also exist.
Why is certification important?
Anyone can claim to have a secure device, but such a claim is difficult to trust on its own. A certificate shows that an independent third party has assessed the claim.
What does Ledger do regarding certification?
We are currently working on obtaining a certification for the Ledger Nano S.
The certification review process is long and strict, and no hardware wallet has yet obtained a security certificate. Under the motto "don't trust, verify", we strongly believe our security claims should be verified for our customers rather than taken on our word. This is why the Secure Elements we use are EAL5+ certified, and why we are currently working on obtaining a certificate for the device as a whole.
About Charles Guillemet:
Charles joined Ledger in 2017 as Chief Security Officer after working for 10 years in the cryptography and hardware security sector. Charles holds a Master of Science from the engineering school ENSIMAG, with a major in Cryptography and Security, where he is now a lecturer.