Kerckhoffs's Principle/Law & Occam's Razor: Why I Find Hardware Wallets Far Less Secure than Just a Hardware Key

Been meaning to post this for a while. I am a huge supporter of FIDO2. I love the idea that without my key, which as far as I know can't be copied, no one can access my data. I have also been a huge supporter of blockchain tech for over a decade. What I don't like is the current state of crypto wallets. Having a hardware wallet that is not backed up presents an obvious single point of failure. Lucky for me, my wallets allow me to back them up in the cloud using a PASSPHRASE!!! Ummmm… I use my FIDO2 keys to avoid exactly such issues. And my new Trezor Model T – Advanced Crypto Hardware Wallet with LCD Touchscreen supports FIDO2! Um, with all due respect, I am not that interested in the "Advanced Crypto Hardware Wallet with LCD Touchscreen"; I just want a wallet that supports my existing FIDO2 key (WebAuthn). No matter how others try to explain the benefits of a hardware wallet, I just hear "something else to break" in the mix.

As any CISSP knows:
Kerckhoffs's Principle/Law – "A cryptographic system should be secure even if everything about the system, except for the key, is public knowledge"

And as anyone who has ever sat through a talk by Hansang Bae would recognize, Occam's Razor: "If you have two competing ideas to explain the same phenomenon, you should prefer the simpler one"

Feedback welcome. Perhaps I am still missing something…
