The video discusses an exploration of HSM (Hardware Security Module) security and a bug discovered during the bug bounty program. The speaker, Sergey, shares his background, experience with high-security devices, and his findings while investigating a firmware based on a modified Ledger hardware wallet. He details the vulnerabilities present and the methods he used to uncover them.
Sergey introduces himself and the topic of HSM security, mentioning the startup point of boredom and interest from a bug bounty program.
The firmware in question was recently open-sourced for a specific blockchain solution that Sergey was unfamiliar with.
He discusses the significance of using open-source projects, particularly in the blockchain space, simplifying the research process.
Overview of HSM devices, including their functions and overlaps with other secure devices like TPMs and secure elements in smartphones.
Focusing on a specific HSM based on the Ledger device, Sergey describes its architecture and functionality.
He highlights the importance of physical security measures for HSMs against tampering.
Sergey finds an unexpected USB-related bug in the firmware that allows for out-of-bounds writing, which can be exploited.
He outlines a method for exploiting this bug to gain access to sensitive information like private keys.
The speaker shares his findings with the vendor, detailing how he was able to retrieve the private key when querying for the public key.
Concludes with remarks on the lack of mitigations in high-end security devices and the consequences of patch propagation issues prevalent across different products.
Keypoints:
Youtube Video: https://www.youtube.com/watch?v=iPMN9bQYmIU
Youtube Channel: Hexacon
Video Published: 2024-11-08T09:53:41+00:00