INDUSTRIES

Crypto Wallet Security Services

The security of crypto wallets depends directly on the components used and the implementation of their hardware, software, and communication protocols. Independent, third-party validation and advice by security experts is therefore critical to ensure that crypto wallets are robust against relevant threats.

Download the Fact Sheet

Context

According to Allied Market Research, the global hardware wallet market size will grow at a compound annual growth rate of 24.0 % from 2021 to 2028.
Both custodial and non-custodial wallet solution developers need to secure their business and build user confidence in how their crypto assets are protected. We can give you that confidence.

Our mission

We help companies build secure, validated crypto wallet solutions

Gain valuable insights that will drive your success

Expertise you can trust

We ensure the security and robustness of crypto wallets  based on more than 25 years of research, analysis, development, and operational excellence in security. Our IoT Security Labs and security experts use state-of-the-art equipment and advanced techniques to validate the security of your products and give you advice you can use.

How we work together

We work with you to assess your security threats and opportunities and help you create a crypto asset wallet - whether it’s a physical one, an app, or a service - that protects keys for cryptocurrency transactions. We provide security designs, security assessments and pre-certification support for government schemes like CSPN.

APPROACH

3-Steps to a secure crypto wallet

How do we help you gain customer confidence and ensure the business success?

Threat Assessment

We identify attack vectors, followed by evaluation of threats based on likelihood, complexity, and business impact. This results in a comprehensive view of risks that should be protected against.

Architecture review

We validate the presence and efficacy of security controls.
We highlight any security risks associated with the architecture and with the implementation of critical features.

Lab Evaluation

We provide concrete proposals for threat mitigation measures. We review the security of source code for software wallets and conduct pen tests on virtual ledgers and apps. We perform hardware attacks on secure elements for hardware cold Personal Security Devices.

Method

Main focus areas to secure crypto wallets

We examine five key elements of your wallet design

1
Security of identification and end-user authentication mechanisms (e.g. PIN, user interface).
2
Confidentiality, integrity and availability of the wallet, crypto assets and secret keys (e.g. plausible deniability, genuine PSD, deterministic RNG, seed generation, transaction signature).
3
Robustness of cryptographic primitives implementation (e.g. side-channel attacks due to bias in key handling algorithms).
4
Connectivity, communication patterns and protocols, offline constraints.
5
Security lifecycle (e.g. provisioning, secure software / firmware updates, decommissioning / revocation).

Core ingredients

Building a secure solution, from design to operations

In more detail, here are the activities we undertake in each phase of our assessment and evaluation process

Threat Assessment & Risk Analysis, Architecture Review

System- and device-wide market-specific threat analysis

Security Target Definition, listing of critical security controls

Classification of assets, risk, probabilities of attack vectors and impact

Validation of efficiency of security controls

Cryptographic schemes review and implementation analysis

Identification of non-addressed security risks

Evaluation in our IoT Security Lab

Remediation analysis to validate the effectiveness of countermeasures and security controls

Non-invasive low-costs attacks, advanced electrical, EM and multi-locations laser fault injection, multi-temporal hardware attacks

State of the art side-channel attacks, DPA, using deep machine learning

Application penetration testing Source code security review

Compliance validation against standards, such as BIP32, BIP39, BIP44

Client references

The following customers have depended on the Kudelski Group for our expertise in ensuring the security of their products and services.

Crypto Wallet Fact Sheet

Fact Sheet

Crypto Wallet Security

Independent, third-party validation and advice by security experts is critical to ensure that crypto wallets are robust against relevant threats.

GET IN TOUCH

Contact us to learn more

For more information about our Crypto Wallet Security services, contact us….

BEHIND THE SCENES

Our IoT Security Labs ensure you stay one step ahead of hackers

Using advanced tools in our state-of-the-art Swiss labs, we carry out a wide variety of tests and attacks on your technology in order to provide you with actionable security insights. Below are just a few of the techniques we use.

Side Channel Analysis

Side Channel Analysis refers to the use of information leakage related to an event which is obtained through secondary phenomenon, such as changes in power consumption or magnetic field emission.

When protections such as masking are not sufficiently efficient, it can lead to the recovery of secrets from the operation of an electronic device. Often these secrets are cryptographic keys.

  • Power and electromagnetic analysis
  • Differential Power Analysis, Correlation Power Analysis, Mutual Information Analysis
  • In-house developed trace processing suite

Fault Injection

Fault attacks modify the behavior of a system, by disrupting the code executed by semiconductors.

It may allow access to restricted functionality or information (keys, parameters or code) and can simplify cryptographic attacks compared to brute force attacks. It can also be used as an enabler to perform further attacks such as code dump.

  • Laser, Electro-magnetic and electrical glitch injection
  • Multi-location, multi-fault laser and Electro-magnetic capability with fast repetition
  • Real-time multiple fault synchronization to internal events
  • Differential fault analysis, key and date extraction

Imaging & IC Modification

Invasive techniques are performed with powerful tools for imaging (SEM) and circuit edit (FIB).

Reverse engineering allows the identification of specific logic and circuit edit tools can remove (nano-etching) or deposit materials (nano-soldering) with nanometer precision. These capabilities can be used to cut and connect circuitry within a device, allowing a permanent modification of the behavior of the chip, as well as to create probe points for accessing signals of interest.

  • Device teardown
  • Sub-micron imaging and circuit modification
  • Scanning Electron Microscope (SEM)
  • Focused Ion Beam (FIB)
  • Localized circuit reverse engineering

SW Attacks & Pentest

Flawed functions and exposed network services may lead to the compromise of an entire network or system.

They allow an unverified user to steal data or gain further access, elevating privileges to administrator level, tamper with a device or get insights on means to develop targeted attacks. The extraction and the analysis of a firmware and memory content can highlight maintenance or supervisor accounts, injection flaws, buffer overflows, format strings or firmware update and secure boot vulnerabilities.

  • White-box security evaluation of source code
  • Security coding guidelines / best practices
  • Micro-code extraction, de-obfuscation, decompilation and reverse engineering
  • Embedded device penetration testing
  • Software defined radio signal processing
  • Common Vulnerabilities and Exposures (CVE) detection