Paper 2019/034

A Formal Treatment of Hardware Wallets

Myrto Arapinis, Andriana Gkaniatsou, Dimitris Karakostas, and Aggelos Kiayias

Abstract

Bitcoin, being the most successful cryptocurrency, has been repeatedly attacked, with many users losing their funds. The industry's response to securing the user's assets is to offer tamper-resistant hardware wallets. Although such wallets are considered to be the most secure means for managing an account, no formal attempt has previously been made to identify, model and formally verify their properties. This paper provides the first formal model of the Bitcoin hardware wallet operations. We identify the properties and security parameters of a Bitcoin wallet and formally define them in the Universal Composition (UC) Framework. We present a modular treatment of a hardware wallet ecosystem, by realizing the wallet functionality in a hybrid setting defined by a set of protocols. This approach allows us to capture in detail the wallet's components, their interaction and the potential threats. We deduce the wallet's security by proving that it is secure under common cryptographic assumptions, provided that there is no deviation in the protocol execution. Finally, we define the attacks that are successful under a protocol deviation, and analyze the security of commercially available wallets.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Financial Cryptography 2019
Keywords
digital signatures, blockchains
Contact author(s)
dimitris karakostas @ ed ac uk
History
2019-01-17: received
Short URL
https://ia.cr/2019/034
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/034,
      author = {Myrto Arapinis and Andriana Gkaniatsou and Dimitris Karakostas and Aggelos Kiayias},
      title = {A Formal Treatment of Hardware Wallets},
      howpublished = {Cryptology {ePrint} Archive, Paper 2019/034},
      year = {2019},
      url = {https://eprint.iacr.org/2019/034}
}