Physical attacks on computing hardware are rare, but can have devastating impact. Physical tampering with a device can include adding or removing electronics to immediately exfiltrate data or to surreptitiously change the device’s behavior while the owner is using it post-tamper. Short of modification, an attacker can simply swap out one device for an identical looking one without the owner noticing unless the owner marks it with unique visual characteristics.

Back in 2013 at the Chaos Computing Congress, security researchers Eric Michaud and Ryan Lackey proposed a DIY method to bolster tamper evidence using glitter nail polish. Glitter nail polish creates tiny colored specks randomly distributed on a surface that are very difficult to physically bypass without obviously breaking the polish seal, or to reproduce with another coat. Detailed digital photos compared over time will show tampering of a device bejeweled in this fashion. Since it’s nail polish, the bottle comes with a brush applicator that makes it easy to precisely apply polish to any surface.

Materials used:

  • 1 bottle super glue
  • 1 q-tip cotton swab
  • 1 bottle glitter nail polish
  • 1 bottle clear nail polish base coat
  • 1 bottle clear nail polish finish coat
  • Paper towels / latex gloves
  • 1 Digital camera
  • (Optional) Legos and duct tape

While the Ledger Nano S has software mitigations against tampering via attestation, it lacks quickly verifiable physical tamper evidence. You can easily open the device and access the chips inside without creating markings. If you do not uniquely mark the device, it could be swapped with an identical-looking one programmed to, for example, steal your PINs. I used glitter nail polish on a Nano S as a tamper evidence proof-of-concept.

First, I opened the Nano S and took high resolution photos of the interior. I verified that this device was a Revision 1 based on the references photos provided by Ledger. I also constructed a rig using legos and duct tape to position my digital USB microscope to fix the position of the camera so that photos would always look roughly the same.

I also used Ledger’s Python module to verify the firmware:

$ pip install --no-cache-dir ledgerblue

...

Successfully installed ecpy-0.8.2 future-0.16.0 hidapi-0.7.99.post21 ledgerblue-0.1.16 pillow-5.0.0
$ python -m ledgerblue.checkGenuine --targetId 0x31100002

Product is genuine

 

Fortunately, all of the openable edges fall on a single face of the device, so sealing those edges and photographing them are very straight-forward.

 

Before applying any nail polish, I tightened the removable face to the device with rubber bands and applied a thin layer of super glue around the edge, spreading it out with a cotton swab; this secured the plastic front plate, which had become loose after opening it a few times. The superglue also prevented any nail polish from seeping through the crack into the device and damaging the electronics.

I noticed with previous use of glitter nail polish on electronics that the specks of glitter tend to get rubbed off easily through casual contact, which breaks the tamper evidence. When women apply polish to their nails, they can preserve it longer by applying a base coat below their colored nail polish and a finishing coat on top of it; I used both for this project, applying 1 clear base coat below the glitter, and multiple layers of top coat until the surface was smooth and unlikely to shed glitter from casual contact. This is especially important for the Nano S, which has a pivoting metal plate that covers the screen during storage, and which could easily wipe away the glitter. You can see how dry and fragile the glitter looks before the clear finish coats:

After applying multiple top coat layers, you can see that the glitter is safely encased and still visible:

I decided this looked a little messier than it needed to, and filled in the remainder of the face:

Here’s how it looks with the cover returned:

I also took some more photos with the digital microscope. These photos would be the most easily reproducible, but the overhead glare from the microscope’s light tended to make the individual specks harder to see compared to my mobile device’s photos:

 

Unfortunately, I don’t think anyone has fulfilled Eric and Ryan’s original concept of identifying the color patterns automatically with software, but you can fairly easily pick out certain color features from the photographs and compare them the old-fashioned way. An attacker would have to either swap the device with a new one that happened to look sufficiently similar, or breach the thick layer of polish without creating cracks that would be noticed later.

I only use this particular Nano S for testing. You might not want to assist an attacker’s creation of a look-alike by publishing photos of the glitter pattern online.

One thought on “Improving Tamper Evidence for Hardware Wallets

Leave a Reply

Your email address will not be published. Required fields are marked *