Secure Elements: The Bedrock of Hardware Wallet Security


Introduction: Why Secure Elements Matter

How well digital assets, crypto in particular, are safeguarded depends heavily on the kind of chip used. Not all chips are designed with security in mind, so selecting the right one is critical. This is where Secure Elements come into play. Known for their reliability and for rigorous testing by independent third-party security labs, Secure Elements are the only chips acceptable for security-sensitive applications such as banking cards, passports and crypto hardware wallets.

Understanding Crypto Asset Security and Hardware Wallets

Hardware wallets are engineered to protect your private keys from digital attacks and provide safeguards against physical tampering. The quality of the hardware is crucial in this context. The chips employed in the hardware wallets store your secret recovery phrase, the lifeline to your crypto assets. Consequently, the selection of a chip resistant to threats is paramount to the integrity of your digital wealth.

Secure Elements (SE)

Topping the list for the most secure storage solution are Secure Elements, which are often used in passports and bank cards. Secure Elements serve as the digital vault for your private keys and are resistant to a multitude of physical tampering hacks, including power analysis attacks, cold boot attacks, and fault attacks, among others.

Secure Elements undergo rigorous third-party security lab testing before getting their certification. This means their claims of security are not only based on in-house tests but also on independent, third-party evaluations.

Advanced Defenses of Secure Elements


Fending off Side-Channel Attacks

A device’s physical behavior, such as its power consumption and electromagnetic emissions, can expose sensitive information; attacks that exploit this leakage are known as side-channel attacks. Secure Elements are equipped with an array of defenses that either reduce the leakage or mask it with dummy operations. Techniques such as randomizing execution timing and applying randomized masking operations scramble the information that leaks through power consumption or electromagnetic emissions.

Hindering Power Analysis Attacks

Power analysis attacks aim to discern a private key by reading changes in power consumption during a transaction signing process. Secure Elements mitigate this risk by obscuring operations and employing a mixed circuitry layout, making the recovery of a key through power analysis almost impossible.

Thwarting Cold Boot Attacks

Cold boot attacks exploit the retention of memory in a device for a brief period after shutdown. Secure Elements counter this threat with built-in modules that detect sudden environmental changes, such as a drop in temperature, which triggers an immediate reset and erasure of the RAM.

Repelling Fault Attacks

Fault attacks attempt to extract otherwise protected information by forcing errors in the device’s operation. Secure Elements have built-in voltage and frequency anomaly detection modules that protect them against out-of-range supply voltage or clock frequency. In the event of suspicious activity, the flash memory is automatically wiped, preserving the confidentiality of the private keys and other sensitive information.

What’s new in Keystone 3?


Three Secure Element Chips

The Keystone 3 is currently the ONLY hardware wallet that incorporates three distinct secure elements: the Microchip ATECC608B, the Maxim DS28S60, and the Maxim MAX32520, offering a level of security that is unmatched. Each secure element has a unique role in reinforcing the hardware wallet’s security, and together they protect users’ seed phrases and biometric data.

Microchip ATECC608B and Maxim DS28S60 are specifically engineered to safeguard seed phrases. They collaboratively produce a secure environment for seed phrase storage, with the ATECC608B providing hardware-level security and authorization, and the DS28S60 ensuring a trusted platform module is always in place.

The Maxim MAX32520, on the other hand, is a secure microcontroller unit that plays a vital role in securing fingerprint data. It utilizes encrypted flash storage for safeguarding a user’s fingerprint data, with the verification process being executed securely within the MCU (only available in the Keystone 3 Pro).

Additionally, Keystone 3 incorporates a PCI-grade anti-tampering feature, with an intricate ‘security house’ of circuitry encompassing the core IC and SE chips. Any physical tampering results in an immediate data wipeout, further strengthening the device’s resilience. We’ll be publishing a separate article delving deeper into this topic in the coming weeks.

Secure Seed Generation & Storage

The Keystone team puts substantial focus on the seed generation process, particularly on ensuring randomness, as any lack of it can lead to security vulnerabilities. To avoid a single point of failure and boost randomness, the Keystone 3 leverages both secure elements (Microchip ATECC608B & Maxim DS28S60) to generate random numbers, which are then combined to form a unique seed phrase.

Furthermore, users suspicious of the secure elements have the choice to manually generate their recovery phrase via dice rolling. They are also given the additional option to select their 11th or 23rd word, and have the Keystone device calculate their 12th or 24th checksum word. Nonetheless, we advise that the dice rolling feature be used only by experienced users who are fully aware of their actions.
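As an added illustration of the two passages above (combining two random sources into seed entropy, and completing a dice-rolled phrase with its checksum word), not Keystone’s own code: SHA-256 of the concatenation is an assumed combiner, since the article does not say how the two chips’ outputs are mixed, and words are handled as BIP39 word-list indices because the 2048-word list is not embedded here.

```python
import hashlib

WORD_BITS = 11  # every BIP39 word encodes 11 bits (2048-word list)


def combine_entropy(rng_a: bytes, rng_b: bytes) -> bytes:
    """Merge two independent random sources into one 256-bit entropy block.
    Hashing the concatenation is an ASSUMED combiner (not taken from the
    article); the result is unpredictable as long as either source is."""
    return hashlib.sha256(rng_a + rng_b).digest()


def mnemonic_indices(entropy: bytes) -> list[int]:
    """BIP39 encoding: append ENT/32 checksum bits (leading bits of
    SHA-256(entropy)) and cut the result into 11-bit word-list indices."""
    ent = len(entropy) * 8
    if ent not in (128, 160, 192, 224, 256):
        raise ValueError("entropy must be 128..256 bits in 32-bit steps")
    cs = ent // 32
    check = hashlib.sha256(entropy).digest()[0] >> (8 - cs)
    bits = (int.from_bytes(entropy, "big") << cs) | check
    n_words = (ent + cs) // WORD_BITS
    return [(bits >> (WORD_BITS * (n_words - 1 - i))) & 0x7FF
            for i in range(n_words)]


def checksum_ok(indices: list[int]) -> bool:
    """Recompute the checksum of a complete 12/15/18/21/24-word phrase."""
    ent = len(indices) * WORD_BITS * 32 // 33
    bits = 0
    for idx in indices:
        bits = (bits << WORD_BITS) | idx
    entropy = (bits >> (ent // 32)).to_bytes(ent // 8, "big")
    return mnemonic_indices(entropy) == indices


def valid_last_word_indices(first_indices: list[int]) -> list[int]:
    """Given the first 11 or 23 indices (e.g. chosen by dice), list every
    index the final word may take. That word carries the last few entropy
    bits plus the checksum, so several candidates are valid; the device
    must fix those free bits (the article does not say how Keystone does)."""
    ent = (len(first_indices) + 1) * WORD_BITS * 32 // 33
    free = WORD_BITS - ent // 32
    prefix = 0
    for idx in first_indices:
        prefix = (prefix << WORD_BITS) | idx
    return [mnemonic_indices(((prefix << free) | f).to_bytes(ent // 8, "big"))[-1]
            for f in range(1 << free)]
```

For all-zero entropy the functions reproduce the well-known test vectors: 11 zero indices complete with index 3 ("about"), 23 zero indices with index 102 ("art").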

How to verify the recovery phrase created by dice rolling

Don’t trust, verify!

Users’ seed phrases are encrypted with their password and securely preserved within both secure elements. The encryption key is derived from both secure elements rather than directly from the user’s password: one part is produced by the Microchip ATECC608B using its key derivation function (KDF), and the second part is a random number stored on the Maxim DS28S60.

Extracting the seed phrase is only possible if both secure elements are fully compromised and the user’s password is exposed. This multilevel measure provides strong protection against attacks on users’ seed phrases.

Fully Open Source And Transparent Signing Process


Keystone stands out due to our dedication to transparency and open-source practices. We are currently collaborating with SlowMist and KeyLabs to meticulously review and audit every aspect of the Keystone 3. Our objective is to make all our firmware code open-source by mid-October, enabling anyone to rebuild our firmware and independently assess the security level of the Keystone 3. This “Don’t trust, verify!” philosophy exemplifies our commitment to transparency and security.

While vendor-imposed IP protections make it difficult to open-source the secure elements’ own firmware, we still emphasize open verification of procedures such as nonce selection during secp256k1 signing and the correct implementation of RFC 6979. We have also developed all of the device’s signing logic in-house so that the code can be fully audited for vulnerabilities.
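The paragraph above names RFC 6979 nonce selection as something anyone should be able to verify. As an added example (not Keystone’s firmware code), this is the RFC 6979 derivation for secp256k1 in plain Python with hashlib and hmac only; a reviewer can run the same inputs through the device’s code and compare. The order n is the public secp256k1 curve constant, and the test vector (private key 1, message "Satoshi Nakamoto") is the widely used public one.

```python
import hashlib
import hmac

# secp256k1 group order n (public curve parameter); every nonce must lie in [1, n-1]
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
QLEN = 256  # bit length of n, which equals the SHA-256 output size


def bits2int(b: bytes) -> int:
    """RFC 6979 2.3.2: keep only the leftmost QLEN bits of an octet string."""
    v = int.from_bytes(b, "big")
    extra = len(b) * 8 - QLEN
    return v >> extra if extra > 0 else v


def int2octets(x: int) -> bytes:
    """RFC 6979 2.3.3: fixed-width (32-byte) big-endian encoding of x."""
    return x.to_bytes(QLEN // 8, "big")


def bits2octets(b: bytes) -> bytes:
    """RFC 6979 2.3.4: bits2int, reduce modulo n, then int2octets."""
    return int2octets(bits2int(b) % N)


def rfc6979_nonce(priv: int, msg_hash: bytes) -> int:
    """Deterministic ECDSA nonce k (RFC 6979 section 3.2 with HMAC-SHA256).
    The same key and message hash always give the same k, so a weak or
    failing RNG can never cause nonce reuse and leak the private key."""
    if not 1 <= priv < N:
        raise ValueError("private key out of range")
    h = hashlib.sha256
    seed = int2octets(priv) + bits2octets(msg_hash)
    V = b"\x01" * 32                                      # step b
    K = b"\x00" * 32                                      # step c
    K = hmac.new(K, V + b"\x00" + seed, h).digest()       # step d
    V = hmac.new(K, V, h).digest()                        # step e
    K = hmac.new(K, V + b"\x01" + seed, h).digest()       # step f
    V = hmac.new(K, V, h).digest()                        # step g
    while True:                                           # step h
        T = b""
        while len(T) * 8 < QLEN:
            V = hmac.new(K, V, h).digest()
            T += V
        k = bits2int(T)
        if 1 <= k < N:
            return k
        K = hmac.new(K, V + b"\x00", h).digest()          # k out of range: retry
        V = hmac.new(K, V, h).digest()


def nonce_for_message(priv: int, message: bytes) -> int:
    """Nonce for a raw message: hash it with SHA-256 first (step a)."""
    return rfc6979_nonce(priv, hashlib.sha256(message).digest())
```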

Conclusion

To sum it up, the importance of robust hardware for crypto security cannot be overstated. The Keystone 3, armed with its multitude of Secure Elements, transparency through open-source, and fortified signing procedures, provides a strong barrier against various threats. By opting for a hardware wallet like Keystone, users can notably enhance the protection of their digital assets, ensuring peace of mind amidst the unpredictable environment of Web3.

Originally published by Keystone Wallet: Secure Elements: The Bedrock of Hardware Wallet Security

Copyright notice: posted by admin on October 13, 2023, 10:09 PM.