[Cryptography] Keeping Malware from Using Security Hardware
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Wed Mar 5 19:38:55 EST 2025
Kent Borg <kentborg at borg.org> writes:

>But the hardware wallet doesn't understand their multiple approval stuff, so
>what was presented on the hardware wallets was a series of API calls complete
>with parameters, and it sounds like lots of hex.

This is common with HSMs; a lot of the controls are enforced by external API
wrappers, so to bypass them you just go one level lower in the API. A
security researcher I know once extracted keys from an H$$$M multiple times
simply by going one level further down in the interface each time, Java ->
PKCS #11 -> native API -> bits on the wire.

An old reference but I talked about the issue of problems with different API
levels in HSMs at Usenix Security 2000,
https://www.cs.auckland.ac.nz/~pgut001/pubs/usenix00_slides.pdf
Peter.
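
Added example, not part of the message above and not code from any HSM vendor: a toy Python model of the layering it describes, where a "non-extractable" check lives either only in the API wrappers or in the device itself. All class and function names are hypothetical and the key is a constructed sample; the audit calls every layer directly and reports which ones release the key.

```python
# Constructed model: no real HSM, PKCS #11 library or vendor API is used.
class PolicyError(Exception):
    pass

class Device:
    """Lowest layer: what the hardware itself does with a request."""
    def __init__(self, enforce_in_device):
        self.enforce_in_device = enforce_in_device
        self._keys = {}  # handle -> (key bytes, extractable flag)

    def store(self, handle, key, extractable):
        self._keys[handle] = (key, extractable)

    def is_extractable(self, handle):
        return self._keys[handle][1]

    def export(self, handle):
        key, extractable = self._keys[handle]
        if self.enforce_in_device and not extractable:
            raise PolicyError("device: key is not extractable")
        return key

class Wrapper:
    """Higher API layer: checks the policy, then passes the call down."""
    def __init__(self, lower):
        self.lower = lower

    def is_extractable(self, handle):
        return self.lower.is_extractable(handle)

    def export(self, handle):
        if not self.is_extractable(handle):
            raise PolicyError("wrapper: key is not extractable")
        return self.lower.export(handle)

def audit_layers(enforce_in_device):
    """Return the layers that release a key marked non-extractable."""
    device = Device(enforce_in_device)
    device.store("k1", b"\x00" * 16, extractable=False)  # constructed sample key
    inner = Wrapper(device)
    outer = Wrapper(inner)
    leaking = []
    for name, layer in [("outer", outer), ("inner", inner), ("device", device)]:
        try:
            layer.export("k1")
            leaking.append(name)
        except PolicyError:
            pass  # this layer refused, as the policy requires
    return leaking
```

With the check only in the wrappers, `audit_layers(False)` reports the device layer as leaking; with the check in the device, `audit_layers(True)` reports none.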