Ledger Donjon CTF: Rationale and Winners!

2020-11-21 17:55

Between October 28 and November 18, Ledger Donjon—Ledger’s world-class team of security researchers—ran a unique Capture the Flag (CTF) competition, where security enthusiasts, experts, and researchers were challenged with finding the solution to an array of security problems that Ledger Donjon prepared.

In total, more than 400 participants from around the world rose to the challenge of the Ledger CTF competition, many of which racked up an impressive score using their wits, guile, and knowledge to solve even the most fiendishly difficult challenges.

Here, we take some time to shed light on the goals of the Capture the Flag competition, and help to decipher some of its unique challenges. Stay glued until the end to find the list of Ledger CTF champions!

For the boldest experts, the CTF challenge is completely open-source, and can be freely replayed or modified. We will also publish a full list and breakdown of the solutions, as well as a link to the source code in the coming days.

What is a CTF?

In the computer security industry, a Capture the Flag (CTF) challenge is a type of security competition where users attempt to discover flags (usually a string of text) hidden in purposefully-vulnerable programs. These flags can only be obtained by successfully exploiting the program by whatever means necessary.

These security CTF challenges vary in form and function but they all have one thing in common—they require skill, expertise, and creativity to solve.

Ledger’s CTF challenge took the form of a Jeopardy CTF. This essentially means players were tasked with solving a wide range of problems devised by Ledger, and would earn points for every correct solution. Like the popular TV show Jeopardy! These challenges covered a range of categories and the more difficult problems awarded more points—helping us test both the breadth of depth of each player’s knowledge!

In the case of the Ledger Donjon CTF, this was a three-week challenge covering 19 different security-related scenarios. Challengers could either work alone or as a team, and the ten challengers with the most flags (points) won a prize.

Why the Ledger Donjon CTF?

Ledger Donjon’s team of world-class security experts and researchers work to bring trust and confidence to crypto owners by refining and hardening the security of Ledger products, and the crypto industry as a whole through its research.

This involves analyzing the security of prominent products throughout the crypto ecosystem, by identifying attack points that can then be fixed. Much of what Ledger Donjon publishes is open-source, including both attack tools and methodologies used, ensuring the benefits of this research can be carried forward to bolster the strength of the industry.

For example, in May 2020, Donjon was able to extract the PIN code from the ATECC508A secure memory used in the Coldcard Mk2 hardware wallet. Following responsible disclosure practices, this attack vector was reported to the manufacturers long before Donjon’s findings were made public.

With the goal of bringing transparency and openness to the crypto ecosystem, the Ledger Donjon 2020 CTF is designed to reproduce some of the real security issues that Donjon has encountered and resolved—helping crypto enthusiasts and developers alike get to grips with some of the work going on behind the scenes to keep the crypto industry secure.

Most of the challenges in this year’s CTF were completely original and directly related to blockchain, wallets, private keys, etc., helping participants get some hands-on experience with crypto-security challenges.

Decrypting 5 of the 19 Challenges

At Ledger, we tried to cover every major base with this year’s CTF—covering a wide range of topics relevant to the crypto industry today.

Ranging from cryptographic vulnerabilities to side-channel and hardware-based attacks, this CTF was designed to test the knowledge and mettle of participants to see who has what it takes to capture the Ledger Fortress.

Here, we take a look into the rationale behind some of the more popular challenges, and discuss their implications in today’s crypto industry.

Category: Cryptography

As their name suggests, your private keys are designed to be kept private, since they allow you (or anyone who knows them) to unlock and spend the funds they control access to. These private keys take the form of a long series of numbers and letters.

Normally, private keys are generated using a Random Number Generator (RNG) to ensure they are as close to random as possible. As a result, the resulting private key is normally too random to guess (or brute-force), keeping your coins safe… Normally.

This CTF challenge tasks participants with exploiting the weaknesses of an RNG used by some existing crypto-security solutions. To pass the challenge, participants must correctly predict the private key the RNG would generate.

RNGs are critical to the security of cryptocurrency wallets since flawed RNGs can produce insecure (non-random) private keys that can be easily cracked. This is why Ledger uses a « true » RNG embedded in a secure element for its hardware wallets, ensuring optimal randomness and maximum security for your crypto assets.

Category: Wallet

You may have heard the analogy—never put all your eggs in one basket. After all, if the basket breaks, say goodbye to your eggs!

The cryptocurrency equivalent of this would be sharing a fraction of your seed phrase with multiple trusted parties—a practice known as Shamir’s Secret Sharing. But as Ledger Donjon found, this analogy breaks down when applied to cryptocurrency wallets—since a single secure wallet is generally more secure than multiple weak ones.

With this CTF challenge, Ledger tasked participants with rebuilding a seed and accessing the funds it controls using just two of three required parts—essentially breaking the security offered by this implementation of Shamir’s Secret Sharing.

Although seed splitting offers some form of redundancy, it can open up additional attack vectors as shown in the CTF challenge—not to mention the potential risk of collusion.

Category: Side Channel Attack

Computers often give off more information than people realize, and sometimes, this can be used to gather data that could be considered sensitive—such as private keys.

Oftentimes, the execution of a program can be measured physically. Power consumption or electromagnetic leakage can reveal information about the code that is being executed, and even about the secret data it manipulates. This is somewhat similar to rattling around a safe to deduce what is inside it based on the noise it makes.

With this CTF challenge, participants need to extract a private key from a program just by looking at its power consumption traces—inspired by what Donjon did with the KeepKey wallet.

This vulnerability highlights why all Ledger devices generate seeds within a secure element—which does not leak information and hence cannot be exploited by this kind of attack.

Category: Blockchain

A blockchain typically uses a large number of different nodes to participate in the transaction validation process—by selecting pending transactions and securely adding them to blocks. To participate in this process, these nodes need to run a specific type of software, known as ‘client software’.

Some blockchains, like Ethereum and EOS, are capable of running smart contracts, which are essential self-contained snippets of code which exist on the blockchain and are automatically executed when predefined conditions are met—such as when a payment is received or after a fixed period of time.

With the blockchain CTF challenge, Donjon created a copy of the EOS blockchain containing a vulnerability. Participants were then tasked with creating a smart contract that leverages this vulnerability to take control of a node to access (fake) critical information. This type of blockchain attack challenge is rarely, if ever, seen in CTFs.

Since most nodes on a blockchain will be running the same client software, such an exploit could be used to target a large proportion of the network with potentially devastating results. This is why code audits are necessary before a client or update is made available. Donjon is currently working on the issue of blockchain node attacks.

Category: Hardware Exploitation

Software programs run on hardware. As a result, software and hardware are mutually dependent, and this dependence can sometimes lead to vulnerabilities. Indeed, it can be possible to exploit well-written software without any vulnerabilities if the hardware it is running on is insecure.

Because of this, secure software and hardware design go hand-in-hand, since one cannot be truly secure without the other.

With the hardware exploitation CTF, participants were tasked with attacking a highly secure physical computing device, known as a hardware secure module (HSM), by leveraging a poorly secured chip to extract the secrets it contains.

Although HSMs are often considered to be the pinnacle in cryptographic security, even they can be vulnerable if their software or hardware is poorly designed. For this reason, Ledger uses only the most battle-tested certified HSMs and wrote its own custom operating system for it—known as BOLOS.

Results and prizes

The turn out for this year’s CTF was excellent. In total, more than 400 people registered for and participated in the CTF—including participants from every continent (except Antarctica!).

Overall, more than a dozen participants managed to score over 1,000 points, while this year’s top participant was able to rack up an impressive score of 4552. Of the 19 available challenges, all but one (Ghostbuster) were solved by at least one participant, and the Scissors Secret Sharing challenge was cracked by the most participants—with almost 57 successful completions.

But after three weeks of competition, much of which was neck-and-neck between some of the participants, we can at last reveal the winners:

Click here for a full list of participants and their scores. The final scoreboard for the 10 top participants is shown below:

We will be in touch with the winners shortly to arrange delivery of the prizes!

Conclusion

On behalf of the Ledger team, thank you all for your participation and for helping to make this year’s CTF a success. We had a lot of fun building it!

We want to congratulate this year’s winners, and anybody who learned something new, or managed to capture a flag, or even stepped up to the challenge by participating. We look forward to seeing you again next year for our next CTF!

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Quantum Resistant Ledger (QRL) íà Currencies.ru

$ 0 (+0.00%)
Îáúåì 24H $0
Èçìåíåèÿ 24h: 0.00 %, 7d: 0.00 %
Cåãîäíÿ L: $0 - H: $0.307
Êàïèòàëèçàöèÿ $0 Rank 99999
Öåíà â ÷àñ íîâîñòè $ 0.1392 (-100%)

ledger security donjon researchers ctf enthusiasts challenged

ledger security → Ðåçóëüòàòîâ: 126


Ledger continues its security certification program with Ledger Nano X

The Ledger Nano X receives CSPN (First Level Security Certificate) certification issued by ANSSI (National Agency for Information Systems Security).  Following the Ledger Nano S announcement a few months ago, this makes both Ledger Nano X and S the only hardware wallets to be certified, according to the security requirements specified in the CSPN security […]

2019-12-12 16:59


Ôîòî:

Governance, Part 2: Plutocracy Is Still Bad

Coin holder voting, both for governance of technical features, and for more extensive use cases like deciding who runs validator nodes and who receives money from development bounty funds, is unfortunately continuing to be popular, and so it seems worthwhile for me to write another post explaining why I (and Vlad Zamfir and others) do not consider it wise for Ethereum (or really, any base-layer blockchain) to start adopting these kinds of mechanisms in a tightly coupled form in any significant way.

2018-7-21 23:03


Ôîòî:

UK Urged To Name Chief Blockchain Officer

A British politician has called for the creation of a Chief Blockchain Officer to oversee the implementation of Distributed Ledger Technology (DLT) in the UK Government. In a research paper, the Conservative Member for Walsall North, Eddie Hughes, argued blockchain would lead to greater efficiency and security in the running of government departments, potentially leading […] The post UK Urged To Name Chief Blockchain Officer appeared first on Crypto Briefing.

2018-7-18 20:58


Ôîòî:

The Genesis Files: With Bit Gold, Szabo Was Inches Away From Inventing Bitcoin

As his Hungarian parents had fled post-war Soviet regime to settle in the United States, Nick Szabo came to call the Californian Bay area of the 1990s his home. Here, he was among the first to frequent the in-person “Cypherpunk” meetings organized by Timothy May, Eric Hughes and other founding members of the collective of cryptographers, programmers and privacy activists centered around the ’90s mailing list of the same name.

2018-7-13 17:16


Crypto Wallet Ledger Introduces Ledger Live for Desktop

In a bid to appeal to more cryptocurrency investors, hardware wallet provider Ledger announced its new offering — Ledger Live. CEO Eric Larcheveque announced the new software in a blog post, stating that the company’s mission is to: “Ensure that everyone who owns crypto assets can keep them safe, using the most advanced security technology […] Crypto Wallet Ledger Introduces Ledger Live for Desktop was originally found on [blokt] - Blockchain, Bitcoin & Cryptocurrency News.

2018-7-11 16:14


Additional Ripple Lawsuit Asserts that XRP is a Security

Distributed ledger startup Ripple is facing another class-action lawsuit tied to the legal classification of the XRP cryptocurrency. Filed by California resident David Oconer, the complaint names Ripple Labs, XRP II (Ripple’s licensed money services business), Ripple CEO Brad Garlinghouse and 25 unnamed persons affiliated with the firms as defendants. The suit claims: “Here, the

2018-7-5 22:55