Edinburgh Research Explorer

Low-Level Attacks in Bitcoin Wallets

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Original languageEnglish
Title of host publicationInformation Security
Subtitle of host publication20th International Conference, ISC 2017, Ho Chi Minh City, Vietnam, November 22-24, 2017, Proceedings
PublisherSpringer, Cham
Number of pages21
ISBN (Electronic)978-3-319-69659-1
ISBN (Print)978-3-319-69658-4
Publication statusPublished - 20 Oct 2017
Event20th International Information Security Conference - Ho Chi Minh City, Viet Nam
Duration: 22 Nov 201724 Nov 2017

Publication series

NameLecture Notes in Computer Science (LNCS)
PublisherSpringer, Cham
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference20th International Information Security Conference
Abbreviated titleISC 2017
CountryViet Nam
CityHo Chi Minh City
Internet address


As with every financially oriented protocol, there has been a great interest in studying, verifying, attacking, identifying problems, and proposing solutions for Bitcoin. Within that scope, it is highly recommended that the keys of user accounts are stored offline. To that end, companies provide solutions that range from paper wallets to tamper-resistant smart-cards, offering different level of security. While incorporating expensive hardware for the wallet purposes is though to bring guarantees, it is often that the low-level implementations introduce exploitable back-doors. This paper aims to bring to attention how the overlooked low-level protocols that implement the hardware wallets can be exploited to mount Bitcoin attacks. To demonstrate that, we analyse the general protocol behind LEDGER Wallets, the only EAL5+ certified against side channel analysis attacks hardware. In this work we conduct a throughout analysis on the Ledger Wallet communication protocol and show how to successfully attack it in practice. We address the lack of well-defined security properties that Bitcoin wallets should conform by articulating a minimal threat model against which any hardware wallet should defend. We further use that threat model to propose a lightweight fix that can be adopted by different technologies.


20th International Information Security Conference


Ho Chi Minh City, Viet Nam

Event: Conference

Download statistics

No data available

ID: 43631683