{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,11]],"date-time":"2025-09-11T20:26:28Z","timestamp":1757622388080,"version":"3.44.0"},"publisher-location":"Cham","reference-count":50,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783032006325"},{"type":"electronic","value":"9783032006332"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-032-00633-2_21","type":"book-chapter","created":{"date-parts":[[2025,8,8]],"date-time":"2025-08-08T10:15:42Z","timestamp":1754648142000},"page":"360-377","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Large-Scale Security Analysis of\u00a0Hardware Wallets"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0006-4005-2747","authenticated-orcid":false,"given":"Milan","family":"\u0160orf","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9784-7624","authenticated-orcid":false,"given":"Petr","family":"\u0160venda","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8978-5235","authenticated-orcid":false,"given":"\u0141ukasz","family":"Chmielewski","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,8,9]]},"reference":[{"key":"21_CR1","unstructured":"ArduCam: Arducam raspberry pi camera solution (2025). https:\/\/www.arducam.com\/raspberry-pi-camera-solution\/"},{"key":"21_CR2","unstructured":"BitBox: Bitbox 05.2021 Masnee update (2021). https:\/\/bitbox.swiss\/blog\/bitbox-05-2021-masnee-update\/#check-your-secure-chip-variant"},{"key":"21_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-030-32101-7_1","volume-title":"Financial Cryptography and Data Security","author":"J Breitner","year":"2019","unstructured":"Breitner, J., Heninger, N.: Biased nonce sense: lattice attacks against weak ECDSA signatures in cryptocurrencies. In: Goldberg, I., Moore, T. (eds.) FC 2019. LNCS, vol. 11598, pp. 3\u201320. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-32101-7_1"},{"key":"21_CR4","unstructured":"Brown, R.G., et al.: Dieharder: a random number test suite (nd), computer software, version 3.31.1. https:\/\/webhome.phy.duke.edu\/~rgb\/General\/dieharder.php"},{"key":"21_CR5","doi-asserted-by":"publisher","unstructured":"Brumley, B.B., Barbosa, M., Page, D., Vercauteren, F.: Practical realisation and elimination of an ECC-related software bug attack. In: Dunkelman, O. (ed.) Topics in Cryptology \u2013 CT-RSA 2012. LNCS, vol.\u00a07178, pp. 171\u2013186. Springer (2012). https:\/\/doi.org\/10.1007\/978-3-642-27954-6_11","DOI":"10.1007\/978-3-642-27954-6_11"},{"key":"21_CR6","unstructured":"CCRA: Common criteria for information technology security evaluation, parts 1\u20133, version 3.1, Release 5 (2017). https:\/\/www.commoncriteriaportal.org"},{"key":"21_CR7","unstructured":"Ciulei, A.T., Cre\u021bu, M.C., Simion, E.: Preparation for post-quantum era: a survey about blockchain schemes from a post-quantum perspective. Cryptology ePrint Archive, Report 2022\/026 (2022). https:\/\/eprint.iacr.org\/2022\/026"},{"key":"21_CR8","unstructured":"COLDCARD: Coldcard signing device (2025). https:\/\/coldcard.com\/"},{"key":"21_CR9","unstructured":"Consortium, U.: Unicode standard annex #15: unicode normalization forms, version 15.1.0. https:\/\/www.unicode.org\/reports\/tr15\/ (2023)"},{"key":"21_CR10","unstructured":"Courtois, N.T., Emirdag, P., Valsorda, F.: Private key recovery combination attacks: on extreme fragility of popular bitcoin key management, wallet and cold storage solutions in presence of poor RNG events. Cryptology ePrint Archive, Report 2014\/848 (2014). https:\/\/eprint.iacr.org\/2014\/848"},{"key":"21_CR11","doi-asserted-by":"publisher","unstructured":"Dabrowski, A., Pfeffer, K., Reichel, M., Mai, A., Weippl, E.R., Franz, M.: Better keep cash in your boots: hardware wallets are the new single point of failure. In: Proceedings of the 2021 ACM CCS Workshop on Decentralized Finance and Security (DeFi \u201921), pp.\u00a01\u20138. Association for Computing Machinery (2021). https:\/\/doi.org\/10.1145\/3464967.3488588","DOI":"10.1145\/3464967.3488588"},{"key":"21_CR12","unstructured":"Donjon, L.: Unfixable seed extraction on Trezor: a practical and reliable attack (2019). https:\/\/www.ledger.com\/blog\/unfixable-key-extraction-attack-on-trezor"},{"key":"21_CR13","unstructured":"Donjon, L.: The ledger donjon: meet Ledger\u2019s white hat hackers (2024). https:\/\/www.ledger.com\/academy\/security\/the-ledger-donjon"},{"key":"21_CR14","unstructured":"Electrum: Electrum bitcoin wallet (2025). https:\/\/electrum.org\/"},{"key":"21_CR15","unstructured":"Eynard, J., Renault, G., Rondepierre, F., Thillard, A.: Practical timing and SEMA on embedded OpenSSL\u2019s ECDSA. In: Proceedings of SSTIC 2022 \u2013 Symposium sur la s\u00e9curit\u00e9 des technologies de l\u2019information et des communications. Rennes, France (2022). https:\/\/www.sstic.org\/media\/SSTIC2022\/SSTIC-actes\/practical_timing_and_sema_on_embedded_openssls_ecd\/SSTIC2022-Article-practical_timing_and_sema_on_embedded_openssls_ecdsa-thillard_rondepierre_renault_eynard.pdf"},{"key":"21_CR16","unstructured":"Raspberry Pi Foundation: Raspberry pi camera module 2 (2025). https:\/\/www.raspberrypi.com\/products\/camera-module-v2\/"},{"key":"21_CR17","unstructured":"Raspberry Pi Foundation: Raspberry pi camera module 3 (2025). https:\/\/www.raspberrypi.com\/products\/camera-module-3\/"},{"key":"21_CR18","doi-asserted-by":"publisher","unstructured":"Jager, T., Schwenk, J., Somorovsky, J.: Practical invalid curve attacks on TLS-ECDH. In: Pernul, G., Ryan, P.Y.A., Weippl, E.R. (eds.) Computer Security \u2013 ESORICS 2015, Part I. LNCS, vol.\u00a09326, pp. 407\u2013425. Springer (2015). https:\/\/doi.org\/10.1007\/978-3-319-24174-6_21","DOI":"10.1007\/978-3-319-24174-6_21"},{"key":"21_CR19","doi-asserted-by":"crossref","unstructured":"Jancar, J., Sedlacek, V., Svenda, P., Sys, M.: Minerva: The curse of ECDSA nonces (systematic analysis of lattice attacks on noisy leakage of bit-length of ECDSA nonces). IACR Trans. Cryptograph. Hardw. Embedded Syst. 2020(4), 281\u2013308 (2020).https:\/\/doi.org\/10.13154\/tches.v2020.i4.281-308","DOI":"10.46586\/tches.v2020.i4.281-308"},{"key":"21_CR20","unstructured":"RSA Laboratories: PKCS #5: Password-based cryptography specification version 2.0, rFC 2898 (2000). https:\/\/datatracker.ietf.org\/doc\/html\/rfc2898"},{"key":"21_CR21","unstructured":"Kraken Security Labs: Kraken identifies critical flaw in Trezor hardware wallets (2020). https:\/\/blog.kraken.com\/product\/security\/kraken-identifies-critical-flaw-in-trezor-hardware-wallets"},{"key":"21_CR22","unstructured":"Ledger: Ledger crypto wallet (2025). https:\/\/www.ledger.com\/"},{"key":"21_CR23","unstructured":"de\u00a0Miranda, P.A.G.C.: Attacks on ECDSA when the nonces are generated with a weak pseudo-random number generator (2019)"},{"key":"21_CR24","unstructured":"Moghimi, D., Sunar, B., Eisenbarth, T., Heninger, N.: TPM-FAIL: TPM meets timing and lattice attacks. In: 29th USENIX Security Symposium (USENIX Security 2020), pp. 2057\u20132073. USENIX Association (2020). https:\/\/www.usenix.org\/conference\/usenixsecurity20\/presentation\/moghimi-tpm"},{"key":"21_CR25","doi-asserted-by":"crossref","unstructured":"Nemec, M., Sys, M., Svenda, P., Klinec, D., Matyas, V.: The return of Coppersmith\u2019s attack: practical factorization of widely used RSA moduli. In: Proceedings of the 24th ACM Conference on Computer and Communications Security (CCS 2017), pp. 1631\u20131648. ACM (2017)","DOI":"10.1145\/3133956.3133969"},{"key":"21_CR26","unstructured":"O\u2019Flynn, C.: Glitching Trezor using EMFi through the enclosure (2019). https:\/\/colinoflynn.com\/2019\/03\/glitching-trezor-using-emfi-through-the-enclosure\/"},{"key":"21_CR27","unstructured":"Palatinus, M., Rusnak, P., Voisine, A., Bowe, S.: Bitcoin improvement proposal 39: mnemonic code for generating deterministic keys (2025). https:\/\/github.com\/bitcoin\/bips\/blob\/master\/bip-0039.mediawiki"},{"key":"21_CR28","doi-asserted-by":"publisher","unstructured":"di\u00a0Pasquo, G.: SG90 servo characterization (2021). https:\/\/doi.org\/10.13140\/RG.2.2.15715.89127","DOI":"10.13140\/RG.2.2.15715.89127"},{"key":"21_CR29","unstructured":"Pedro, M.S., Servant, V., Guillemet, C.: Side-channel assessment of open source hardware wallets. Cryptology ePrint Archive, Report 2019\/401 (2019). https:\/\/eprint.iacr.org\/2019\/401"},{"key":"21_CR30","unstructured":"Pornin, T.: RFC 6979: deterministic usage of the digital signature algorithm (DSA) and elliptic curve digital signature algorithm (ECDSA) (2025). https:\/\/datatracker.ietf.org\/doc\/html\/rfc6979"},{"key":"21_CR31","unstructured":"Roche, T.: EUCLEAK. Cryptology ePrint Archive, Report 2024\/1380 (2024). https:\/\/eprint.iacr.org\/2024\/1380"},{"key":"21_CR32","unstructured":"Roche, T., Lomn\u00e9, V., Mutschler, C., Imbert, L.: A side journey to titan. In: 30th USENIX Security Symposium (USENIX Security 2021), pp. 231\u2013248. USENIX Association (2021). https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/roche"},{"key":"21_CR33","doi-asserted-by":"publisher","unstructured":"Rukhin, A., et al.: A statistical test suite for random and pseudorandom number generators for cryptographic applications. Special Publication 800-22 Rev. 1A, National Institute of Standards and Technology (NIST) (2010). https:\/\/doi.org\/10.6028\/NIST.SP.800-22r1a","DOI":"10.6028\/NIST.SP.800-22r1a"},{"key":"21_CR34","unstructured":"Rumpf, P., et al.: RNGtest: FIPS 140-2 random number generator test utility, part of the RNG-tools package (2024). https:\/\/linux.die.net\/man\/1\/rngtest"},{"key":"21_CR35","unstructured":"Scott, A., Andersen, S.: Engineering a backdoored bitcoin wallet. In: Proceedings of the 18th USENIX Workshop on Offensive Technologies (WOOT 2024). USENIX Association (2024). https:\/\/www.usenix.org\/conference\/woot24\/presentation\/scott"},{"key":"21_CR36","doi-asserted-by":"publisher","unstructured":"Sedlacek, V., Jancar, J., Svenda, P.: Fooling primality tests on smartcards. In: Computer Security \u2013 ESORICS 2020. LNCS, vol. 12309, pp. 253\u2013272. Springer (2020). https:\/\/doi.org\/10.1007\/978-3-030-58951-6_13","DOI":"10.1007\/978-3-030-58951-6_13"},{"issue":"1","key":"21_CR37","doi-asserted-by":"publisher","first-page":"23","DOI":"10.1109\/TR.2018.2864536","volume":"68","author":"S Siboni","year":"2019","unstructured":"Siboni, S., et al.: Security testbed for internet-of-things devices. IEEE Trans. Reliab. 68(1), 23\u201344 (2019). https:\/\/doi.org\/10.1109\/TR.2018.2864536","journal-title":"IEEE Trans. Reliab."},{"key":"21_CR38","doi-asserted-by":"publisher","unstructured":"Smith, R.: An overview of the tesseract OCR engine. In: Proceedings of the 9th International Conference on Document Analysis and Recognition (ICDAR 2007), vol.\u00a02, pp. 629\u2013633 (2007). https:\/\/doi.org\/10.1109\/ICDAR.2007.4376991","DOI":"10.1109\/ICDAR.2007.4376991"},{"key":"21_CR39","doi-asserted-by":"crossref","unstructured":"National Institute of Standards and Technology: FIPS pub 140-2: security requirements for cryptographic modules (2001). https:\/\/doi.org\/10.6028\/NIST.FIPS.140-2","DOI":"10.6028\/NIST.FIPS.140-2"},{"key":"21_CR40","doi-asserted-by":"crossref","unstructured":"National Institute of Standards and Technology: FIPS pub 140-3: security requirements for cryptographic modules (2019). https:\/\/doi.org\/10.6028\/NIST.FIPS.140-3","DOI":"10.6028\/NIST.FIPS.140-3"},{"key":"21_CR41","doi-asserted-by":"publisher","unstructured":"Svenda, P., et al.: TPMScan: a wide-scale study of security-relevant properties of TPM 2.0 chips. IACR Trans. Cryptograph. Hardw. Embedded Syst. 2024(2), 714\u2013734 (2024). https:\/\/doi.org\/10.46586\/tches.v2024.i2.714-734","DOI":"10.46586\/tches.v2024.i2.714-734"},{"key":"21_CR42","unstructured":"Svenda, P., et al.: The million-key question: investigating the origins of RSA public keys, Technical report, FIMU-RS-2016-03, Masaryk University, Faculty of Informatics (2016)"},{"key":"21_CR43","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1007\/978-3-030-11039-0_7","volume-title":"E-Business and Telecommunications","author":"M S\u00fds","year":"2019","unstructured":"S\u00fds, M., Klinec, D., Kub\u00ed\u010dek, K., \u0160venda, P.: BoolTest: the fast randomness testing strategy based on Boolean functions with application to DES, 3-DES, MD5, MD6 and SHA-256. In: Obaidat, M.S., Cabello, E. (eds.) E-Business and Telecommunications, pp. 123\u2013149. Springer, Cham (2019)"},{"key":"21_CR44","unstructured":"TheCharlatan: List of hardware wallet hacks (2025). https:\/\/thecharlatan.ch\/List-Of-Hardware-Wallet-Hacks\/"},{"key":"21_CR45","unstructured":"TowerPro: SG90 digital servo (2025). https:\/\/towerpro.com.tw\/product\/sg90-7\/"},{"key":"21_CR46","unstructured":"Trezor: Trezor hardware wallet (2025). https:\/\/trezor.io\/"},{"key":"21_CR47","unstructured":"Trezor: Trezor model one hardware wallet (2025). https:\/\/trezor.io\/trezor-model-one"},{"key":"21_CR48","unstructured":"BC Vault: Does BC vault support multi-signature access to wallets? (2025). https:\/\/support.bc-vault.com\/support\/solutions\/articles\/43000374160-does-bc-vault-support-multi-signature-access-to-wallets-"},{"key":"21_CR49","unstructured":"BC Vault: Why choose BC vault (2025). https:\/\/bc-vault.com\/why-choose-bc-vault\/"},{"key":"21_CR50","unstructured":"Wuille, P.: Bitcoin improvement proposal 32: hierarchical deterministic wallets (2025). https:\/\/github.com\/bitcoin\/bips\/blob\/master\/bip-0032.mediawiki"}],"container-title":["Lecture Notes in Computer Science","Availability, Reliability and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-00633-2_21","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,8]],"date-time":"2025-09-08T19:37:42Z","timestamp":1757360262000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-00633-2_21"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783032006325","9783032006332"],"references-count":50,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-00633-2_21","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"9 August 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"The authors have no competing interests to declare that are relevant to the content of this article.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Disclosure of Interests"}},{"value":"ARES","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Availability, Reliability and Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Ghent","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Belgium","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 August 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 August 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ares-12025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/2025.ares-conference.eu","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}