How hardware wallets could transform computer security

Notary

You probably already know that passwords are passé. But for growing numbers of people, so is the often time-consuming process of doing two-factor authentication via text message.

Instead, many companies - and some consumers - are turning to physical “universal two-factor” (U2F) devices like YubiKey. Last year Google said that using physical security keys resulted in a full year without any of their 85,000 employees being phished

However, U2F keys are specifically involved in authenticating the log-in process itself, which means that the computers they’re used on are still vulnerable to malware attacks. Because of limitations like that, another increasingly popular option is a special USB stick called a “hardware wallet” that’s often used to stash cryptocurrencies far away from their vulnerable exchange platforms.

CSAIL researcher Anish Athalye describes hardware wallets as more than just a handy tool for Bitcoin miners - to him, they represent a fundamental paradigm shift that moves away from viewing computers themselves as ground zero for digital security.

“A computer is such a gigantic attack surface, with lots of complexity and lots of code,” says Athalye, a graduate student at CSAIL. “This means lots of bugs and dependencies that can be exploited if malicious actors know where to look.” 

While hardware wallets have had some early success, they’ve also been found to have major security vulnerabilities. In response, Athalye and his colleagues have developed “Notary”, a wallet that eliminates entire classes of bugs that affect existing wallets.

Notary’s key innovation is a new technique called “reset-based switching” that involves resetting the CPU, memory, and other hardware when switching between different applications within the wallet. The goal of this approach is for applications to be more strongly isolated from one another, so that the security of apps in the wallet are not threatened if a single app is hacked or has a vulnerability.

Athalye says that hardware wallets could be game-changers not just for storing Bitcoin but for a wide range of online actions, from confirming purchases to trading stocks.

“You could spend most of your day working normally on your computer, but when you have to do something important like sell stock or transfer money, it could be done relatively smoothly using this external device,” says Athalye, lead author on a new paper about Notary with MIT professors Adam Belay, Frans Kaashoek, Robert Morris, and Nickolai Zeldovich. “Being able to build a secure hardware wallet would lead to better security for so many different kinds of applications.” 

Reset-based switching makes Notary much less vulnerable to many different kinds of bugs, including: 

  • memory errors: existing devices often have pieces of hardware called “memory protection units” (MPUs) that can be misprogrammed in such a way that can break the all-important isolation between applications. Notary avoids this problem by not having MPUs, instead using a combination of physically separate domains and reset-based switching. 

  • System call vulnerabilities: several wallets have had bugs that let individual apps read kernel memory. Notary gets around this by not needing any system calls that can read data: applications are supplied all their data at load time before they are started.

  • Software bugs: wallets like Trevor have had vulnerabilities where data packets sent over the USB interface created bugs and were even able to trigger buffer overflows. Notary physically places the USB software outside the security-critical parts of the computer, so that any bugs that may arise will not affect the security of the system.

A key aspect of reset-based switching is that it effectively involves multiple “computers.” The team runs applications on one "computer" while management code runs on another. The way task-switching happens is that the management computer completely resets the application computer, and then boots up another application on it. 

Supported in part by the National Science Foundation, the project will be presented October 27-30 at the Symposium on Operating Systems Principles (SOSP) in Ontario, Canada.