What makes JuBiter Blade a more secure wallet
There are many things to worry about in the crypto world. Security is always the TOP priority.
“Security” have always been a serious proposition for the cryptocurrency industry. Blockchain security ranges from on-chain security (cryptographic algorithm selection, consensus protocols, contractual vulnerabilities, etc.) to eco-security (exchanges, mining pools, asset hosting services, etc.) to endpoint security (wallets). Each role has different responsibilities, but all are equally critical, the slightest mistake can cause irreversible losses. Stories caused by security issue have been common in the history of the cryptocurrency industry, and endpoint security in particular is closely tied to the safety of users’ assets. Unlike traditional finance, where there are many ways to try and recover lost assets in the real world, in the world of cryptocurrency, the private key is the only proof of the ownership of your assets and you should be responsible for it. Users need to generate, hold and use private keys in a secure way. In terms of security, hardware wallets are the best option available.
This article will describe the security issues that hardware wallets are facing, solution, and how JuBiter addresses them.
Security Issues and Strategies
Phishing
Phishing attack is the most common attack method on the Internet, this attack relies on the subjective judgment of people’s susceptibility to error, in order to deal with this kind of attack, on the one hand, users should improve security awareness, follow the security guidelines to deal with digital currency transactions; on the other hand, hardware wallets should provide countermeasures for users to use, key information “offline creation”, “what you see is what you sign” and physical confirmation to prevent user from phishing attacks.
Hardware Structure Design
First is the choice of the core chip. A high grade SE chip is essential to provide effective protection against a wide range of attacks. The ability to resist error injection attacks, temperature and dissection slices, and various forms of side channel attacks is something that the MCU does not have. There are some debates in the community about “Open Source vs Secure element”. We will illustrate our views in later articles. One fact that has already happened is that there have been instances where MCU based hardware wallets have been attacked.
Secondly, the SE needs to be central to the overall hardware architecture, it should handle everything on its own, key operations, privilege checking, the Screen display and button control and so on, if the SE has to rely on an auxiliary MCU to do some of its functions for it. According to the barrel theory, the security level of these functions will be reduced, and thus the security of the whole hardware system (of course, it can be (Threats are mitigated by some technical means). Similar examples of attacks have occurred as well.
(Please refer to www.riscure.com for more detailed description of those attacks.)
Random Number
Random numbers have a crucial role to play in cryptography, and a large number of cryptography-based cybersecurity algorithms use random numbers. A compliant random number needs to meet both randomness and unpredictability requirements. The use of non-compliant random numbers for signature operations can lead to attacks on private keys.
Authorization security
The password (or fingerprint) and physical user presence are the two key points of signature authorization, the password securing your private key if you accidentally lose your device, and the physical user presence provide protection against phishing attacks.
Passwords should be created, modified, and verified offline or in ciphertext, and should not appear in plaintext on the communication link to prevent Eavesdropping. Security requires the user to enter a password every time they sign. The password should have a limit on the number of retries to prevent brute-force cracking, and the device needs to be automatically cleared of seeds and private keys if it locks down. Physical test of user presence should not be bypassed under any circumstances.
Malicious Firmware Prohibition and Supply Chain Security
The cryptocurrency industry is in rapid development, with relatively frequent improvements in technical solutions and protocols, firmware upgrades are essential, and it is critical to ensure that only official firmware is updated.
Responding to supply chain attacks is also an important aspect of hardware wallet security, which relies on device authenticity and some other supporting tools.
Firmware Architecture
From the security point of view layered architecture and native architecture is not much difference, but if the product is based on the SE chip as the core, then the native architecture will generally be limited by confidentiality agreements and can not provide any open source, layered architecture can achieve business logic open-source.
Communication Channel
With the exception of firmware update channels and PIN are protected, channel security is not necessary in digital currency transactions for the following reason. Digital currency transactions are inherently public on the chain and it doesn’t matter if someone on the link is eavesdropping on the transaction.
Compatibility
In the process of cryptocurrency development, there are some agreed community norms for digital currency wallets to maintain compatibility with BIP32\BIP39\BIP 44, so that users will have more freedom of choice, even if a brand no longer provides services, users can still continue to use the original key with other services.
JuBiter Blade
JuBiter conducts security threat analysis from the beginning of the product lifecycle, from design, development, release, and operation:
1. Offline creation of security related aspects, create or restore wallet, create PIN code. the whole process is executed without any communication protocol enabled.
2. Choose a military level secure element (infineon CC EAL6+ SE, TRNG). The security chip has full control over the creation, storage, derivation, signing of the root key; the security chip manages also manages peripherals independently, such as Screens, buttons, etc..;
3. Strict lifecycle definition and role authorization mechanism to guarantee the security of system control, identity authentication, data transmission and storage, key management, key management, session management and other operations.
4. Mature JavaCOS hierarchical architecture enables applet update with the using scenario and firmware update with eco-system. Adopt SCP11C technology solution to establish the update channel to satisfy the user’s need to experience the latest technology development in the community under the premise of data security.
Since the birth of Bitcoin, cryptocurrencies have been developed for 11 years, and its innate financial properties have always been a strong topic of discussion. Even though the blockchain technology behind it have already been widespread acceptance, the cyrptocurrency is still controversial today ; But from a development standpoint, the crypto community is still at the forefront of blockchain technology. We believe that cryptocurrencies will not be absent from the future of the financial world and are willing to contribute to it.
