We’re thrilled to announce the upcoming release of the Ledger Nano S firmware 1.5, which brings new cryptographic algorithms, security improvements and additional features.
New cryptographic algorithms
Ledger aims to provide its users with the most flexible platform, supporting a maximum number of blockchain and cryptocurrency projects. The upgrades included in this update will provides more possibilities for third party developers to bring support for their favorite crypto assets by adding several specific cryptographic algorithms which were previously missing.
We will regularly implement new algorithms in BOLOS and deploy them to all devices through firmware updates. This update will provide the following algorithms:
- BLAKE2b: this enables size reduction of projects already using BLAKE2b (ZCash and Komodo following the Sapling update, Nano and others).
- Groestl: this enables the future support of Groestlcoin.
- Schnorr with Zilliqa scheme: this enables the future support of Zilliqa.
New derivation schemes
- Bip32-ed25519: this enables the future support of Cardano and new Tezos derivation paths.
The Donjon security team has been relentlessly attacking the Ledger Nano S and evaluating its software stack. This has led to some major improvements in code and architecture.
Here is the non-exhaustive list of security improvements which will be included within the 1.5 release:
- Full redesign of the arithmetic architecture
- Improved MCU genuine check (firmware attestation)
- PIN code implementation has been improved for better resistance to hardware attacks
- Hardening of the PIN code against various hardware and side channel attacks
Additionally, the 1.5.5 firmware version is the first release to have been fully evaluated against the CSPN certification. CSPN stands for “Certification de Sécurité de Premier Niveau” (First Level Security Certification) and is issued by ANSSI, the French National CybersSecurity Agency.
We expect the CSPN certification of the Ledger Nano S to be issued in the coming weeks, and we’ll come back with an announcement, including more details on this important milestone.
WebUSB has been enabled for the dashboard, allowing application management from any compatible browser. In the future this means that applications similar to Ledger Live will be able to install multiple apps at once or reinstall the apps after a firmware update.
Application management has been improved so that free space is recovered when an application is deleted. This solves an issue where sometimes it was necessary to remove all applications to reinstall one.
Stay tuned for the full release of the Ledger Nano S 1.5 firmware update.