With more than $761 million in cryptocurrency thefts this year alone, security has become a hot topic in blockchain tech. But what exactly is the best way to store your digital assets on decentralized networks? If you ask Samsung, the answer might be your smartphone. But if you ask a bunch of security experts, things get a lot more complicated.
In a blog post published on its Insights platform last month, Samsung suggested that “smartphones have the best security for blockchain and cryptocurrency.” The research went mostly unnoticed, until last week when it was suddenly picked up by several cryptocurrency news sites. But while the research certainly makes for strong headlines, is that buzz around the security of smartphones justified? We decided to find out.
We asked a number of security experts what they think about Samsung’s claims. And indeed, while smartphones could be a good short-term storage solution, there are a plenty of risks associated with storing cryptocurrency on handsets.
Why Samsung thinks smartphones are great for cryptocurrency
In the Samsung article, author Joel Snyder argued that because smartphones – especially Samsung’s own phones, of course – come equipped with Trusted Execution Environments (or TEEs, for short), they are particularly suitable for storing blockchain-powered assets.
For those unfamiliar, TEEs are another section of the phone’s hardware that is completely separate from its main processor and storage system. The only way to access information stored on a TEE is through developing what is called a “trustlet,” a small app programmed to access specific information stored in TEEs through a dedicated, and – supposedly – secure API.
“The TEE is a separate execution environment with its own memory and persistent storage, completely isolated from the rest of the device,” Snyder wrote. “The Android OS can’t reach into the TEE, even if the former is completely compromised. The only way to get to and from the TEE is with an API that calls small applications running in the TEE ‘trustlets.’”
“With a properly written wallet that uses trustlets to manage the keys, security is seriously tight.” he continued, “If those private keys are in the TEE and only accessible via a trustlet, there’s no possible way the malware can extract the keys directly. And with platforms like Samsung Knox that wrap additional protections on the TEE on top of the normal Android features, the keys are even better protected.”
This is ultimately what sets smartphones apart from laptops. Laptops don’t have TEEs which makes wallet software much more susceptible to malware.
Where smartphones fall short
Despite the heightened security that comes with TEEs, smartphones are not by any means immune to attacks.
“Having a TEE is certainly better than not having a TEE because the private keys themselves are better protected,” Bitcoin developer Jameson Lopp explained in an email to Hard Fork. “HOWEVER, there still exist quite a few attack vectors that can happen elsewhere in the software stack.”
“Malware can affect other critical components of the wallet operation while creating a transaction, resulting in the funds being send to an attacker’s address,” Lopp added.
We also asked John Hopkins cryptography professor Matthew Green about his take on Samsung’s piece. “It’s complicated,” he wrote in an email to Hard Fork, “the details matter a lot.”
“It is true that TEEs are a good thing for storing cryptographic secrets,” he further told us. “They isolate secret keys from the rest of the applications and operating system of the phone, which makes them less vulnerable to simple malware.”
But this mechanism comes with trade-offs.
“There are some caveats,” Green continued. “In order to be useful, the apps on the phone have to be able to make requests to the TEE, requests along the line of ‘send Bitcoins to a specific person.’ So sophisticated malware might not be able to extract the keys from the TEE, but by compromising an app they might be able to cause the TEE to make a payment of your funds.”
“This is nearly as bad,” the cryptography professor stressed. “And even obvious countermeasures like requiring a password only help a little, since a particularly sophisticated piece of malware can just wait for you to enter the password in order to make a legitimate transaction.”
Another issue with placing trusts in TEEs is that they’re not all created equal. As Green pointed out, “the quality and security of TEEs differs” depending on who makes them. Indeed, researchers have previously discovered gaping security holes in TEEs developed by household names like Qualcomm and TrustZone.
In all fairness, Green is quick to point out that, although they’re not a “magic bullet,” TEEs do indeed make hackers’ jobs more difficult.
One thing that both Green and Lopp highlighted is that, ultimately, the level of security provided by a device is directly related to the number of potential attack vectors it is susceptible to. In the case of smartphones, they are almost always connected to cellular or Wi-Fi networks, which greatly increases the number of possible exploits.
Are smartphones always bad for storing cryptocurrency?
All of these risks aside, there are times when your smartphone would be more than ideal for storing cryptocurrencies and other digital assets. Trading is one of these examples.
“If you are actively trading or using your coins for payments, you need to have them in a wallet program that you can access quickly,” F-Secure security expert Mikko Hyppönen told Hard Fork. For that purpose, a wallet on modern smartphone with physical security enabled are a practical choice.”
“iPhones and Android devices with TEE come to mind,” he continued. “They would clearly be better than using a PC or a Mac.”
Still, Hyppönen warns that storing large amounts of cryptocurrency on your smartphone might not be a smart decision. In such cases, he recommends using a specialized hardware wallet like Trezor or Ledger.
Lopp too seconds Hyppönen’s concerns. “Even with a TEE I’d only ever put as much value into a single signature smartphone wallet as I’d keep in any other wallet that I carry around with me,” he told Hard Fork.
“Custom built hardware such as Trezor and Ledger are built with minimal feature sets in order to reduce the total number of attack vectors,” he continued. “They are always going to be safer than any wallet that is running on a full fledged operating system.”
While Samsung is right that TEEs are great for security, the added complexity that comes with them also opens smartphones to a series of new attacks – attacks that would often be impossible on specialized hardware wallet solutions.
So although it might be a good idea to keep a couple of hundred dollars worth of cryptocurrency on your smartphone, you might be better off investing in a simple crypto-wallet for your savings.
“As the old security adage goes,” Lopp told Hard Fork, “complexity is the enemy of security.”
Published August 2, 2018 — 15:30 UTC