The presentation discusses the vulnerabilities of hardware wallets and two-factor authentication keys, and how they can be exploited through fault injection attacks. The speaker also highlights the importance of open-source software in validating code and preventing attacks.
- Hardware wallets and two-factor authentication keys are vulnerable to fault injection attacks
- Open-source software can help prevent attacks by allowing code validation and modification
- The presentation provides examples of fault injection attacks on the Trezor hardware wallet and the Solo key authentication key
The speaker demonstrates a fault injection attack on the Trezor hardware wallet, showing how high voltage discharged into the device can cause errors and corruption in the firmware. The attack can be done without physical contact with the device, highlighting the ease of exploiting vulnerabilities in hardware wallets. The presentation also discusses the vulnerability of two-factor authentication keys, and how private keys can be extracted through memory layout analysis. The speaker emphasizes the importance of open-source software in preventing attacks, as it allows for code validation and modification.