Introduction: Why Secure Element Matters
简介：为什么安全元件很重要

The safeguarding of digital assets, particularly crypto, significantly relies on the kind of chips utilized. Not all chips are designed with security in mind, making the selection of the right one a critical aspect. This is where Secure Elements come into play. Recognized for their reliability and rigorous testing by unbiased third-party security labs, Secure Elements are the only chips acceptable for security-sensitive applications such as banking cards, passports and crypto hardware wallets.
数字资产，特别是加密资产的保护，在很大程度上依赖于所使用的芯片类型。并非所有芯片在设计时都考虑到了安全性，因此选择合适的芯片是一个关键方面。这就是安全元件发挥作用的地方。安全元件因其可靠性和公正的第三方安全实验室的严格测试而得到认可，是银行卡、护照和加密硬件钱包等安全敏感应用唯一可接受的芯片。

Understanding Crypto Asset Security and Hardware Wallets
了解加密资产安全和硬件钱包

Hardware wallets are engineered to protect your private keys from digital attacks and provide safeguards against physical tampering. The quality of the hardware is crucial in this context. The chips employed in the hardware wallets store your secret recovery phrase, the lifeline to your crypto assets. Consequently, the selection of a chip resistant to threats is paramount to the integrity of your digital wealth.
硬件钱包旨在保护您的私钥免受数字攻击，并提供防止物理篡改的保护措施。在这种情况下，硬件的质量至关重要。硬件钱包中使用的芯片存储您的秘密恢复短语，即加密资产的生命线。因此，选择抗威胁的芯片对于数字财富的完整性至关重要。

Secure Elements (SE) 安全元件 （SE）

Topping the list for the most secure storage solution are Secure Elements, which are often used in passports and bank cards. Secure Elements serve as the digital vault for your private keys and are resistant to a multitude of physical tampering hacks, including power analysis attacks, cold boot attacks, and fault attacks, among others.
最安全的存储解决方案排在首位的是安全元件，通常用于护照和银行卡。安全元件充当私钥的数字保险库，可抵御多种物理篡改黑客攻击，包括功耗分析攻击、冷启动攻击和故障攻击等。

Secure Elements undergo rigorous third-party security lab testing before getting their certification. This means their claims of security are not only based on in-house tests but also on independent, third-party evaluations.
安全元件在获得认证之前经过严格的第三方安全实验室测试。这意味着他们的安全声明不仅基于内部测试，还基于独立的第三方评估。

Advanced Defenses of Secure Elements
安全元件的高级防御

Fending off Side-Channel Attacks
抵御侧信道攻击

A device’s physical behavior, such as energy consumption and electromagnetic emissions, can expose sensitive information — a phenomenon known as side-channel attacks. Secure Elements are equipped with an array of defenses that either reduce the leakage of side-channel information or mask it with dummy operations. Techniques like altering the timing of executions and executing randomized masking operations scramble sensitive information leaked out by power consumption or electromagnetic emissions.
设备的物理行为（如能耗和电磁辐射）可能会暴露敏感信息，这种现象称为侧信道攻击。安全元件配备了一系列防御措施，可以减少侧信道信息的泄漏，也可以用虚拟操作来掩盖它。诸如更改执行时间和执行随机屏蔽操作之类的技术会扰乱因功耗或电磁辐射而泄露的敏感信息。

Hindering Power Analysis Attacks
阻碍功率分析攻击

Power analysis attacks aim to discern a private key by reading changes in power consumption during a transaction signing process. Secure Elements mitigate this risk by obscuring operations and employing a mixed circuitry layout, making the recovery of a key through power analysis almost impossible.
功耗分析攻击旨在通过在交易签名过程中读取功耗的变化来识别私钥。安全元件通过模糊操作和采用混合电路布局来降低这种风险，使得通过功耗分析恢复密钥几乎是不可能的。

Thwarting Cold Boot Attacks
挫败冷启动攻击

Cold boot attacks exploit the retention of memory in a device for a brief period after shutdown. Secure Elements counter this threat with built-in modules that detect sudden environmental changes, such as a drop in temperature, which triggers an immediate reset and erasure of the RAM.
冷启动攻击利用关机后在设备中保留内存一小段时间。安全元件通过内置模块来应对这种威胁，这些模块可以检测突然的环境变化，例如温度下降，从而触发RAM的立即重置和擦除。

Repelling Fault Attacks 抵御故障攻击

Fault attacks attempt to extract otherwise secure information by forcing errors in the device’s functionality. Secure Elements have built-in voltage and frequency anomaly detection modules that protect them from excessive voltage supply or clock frequency. In the event of suspicious activity, the flash memory is automatically wiped, ensuring the security of the private keys and other sensitive information.
故障攻击试图通过强制设备功能错误来提取其他安全信息。安全元件具有内置的电压和频率异常检测模块，可保护它们免受过压电源或时钟频率的影响。如果发生可疑活动，闪存会自动擦除，确保私钥和其他敏感信息的安全。

What’s new in Keystone 3?
鼎石 3 有什么新功能？

Three Secure Element Chips
三个安全元件芯片

The Keystone 3 is currently the ONLY hardware wallet that incorporates the use of three distinct secure elements: the Microchip ATECC608B, Maxim DS28S60, and Maxim MAX32520, offering a level of security that is unmatched. Each secure element has a unique role in reinforcing the hardware wallet’s security, collectively ensuring the protection of seed phrases and biometric data of users.
Keystone 3是目前唯一一款使用三种不同安全元件的硬件钱包：Microchip ATECC608B，Maxim DS28S60和Maxim MAX32520，提供无与伦比的安全级别。每个安全元素在加强硬件钱包的安全性方面都有独特的作用，共同确保保护用户的种子短语和生物识别数据。

Microchip ATECC608B and Maxim DS28S60 are specifically engineered to safeguard seed phrases. They collaboratively produce a secure environment for seed phrase storage, with the ATECC608B providing hardware-level security and authorization, and the DS28S60 ensuring a trusted platform module is always in place.
Microchip ATECC608B和Maxim DS28S60专为保护种子短语而设计。他们协作为种子短语存储生成一个安全的环境，ATECC608B提供硬件级安全性和授权，DS28S60确保始终存在受信任的平台模块。

The Maxim MAX32520, on the other hand, is a secure microcontroller unit that plays a vital role in securing fingerprint data. It utilizes encrypted flash storage for safeguarding a user’s fingerprint data, with the verification process being executed securely within the MCU (only available in the Keystone 3 Pro).
另一方面，Maxim MAX32520是一个安全的微控制器单元，在保护指纹数据方面起着至关重要的作用。它利用加密的闪存来保护用户的指纹数据，验证过程在MCU中安全执行（仅在Keystone 3 Pro中可用）。

Additionally, Keystone 3 incorporates a PCI-grade anti-tampering feature, with an intricate ‘security house’ of circuitry encompassing the core IC and SE chips. Any physical tampering results in an immediate data wipeout, further strengthening the device’s resilience. We’ll be publishing a separate article delving deeper into this topic in the coming weeks.
此外，Keystone 3还集成了PCI级防篡改功能，具有复杂的“安全室”电路，包括核心IC和SE芯片。任何物理篡改都会导致立即数据擦除，从而进一步加强设备的弹性。我们将在未来几周内发布一篇单独的文章，深入探讨这个话题。

Secure Seed Generation & Storage
安全的种子生成和储存

The Keystone team puts substantial focus on the seed generation process, particularly on ensuring randomness, as any lack of it can lead to security vulnerabilities. To avoid a single point of failure and boost randomness, the Keystone 3 leverages both secure elements (Microchip ATECC608B & Maxim DS28S60) to generate random numbers, which are then combined to form a unique seed phrase.
Keystone 团队非常关注种子生成过程，特别是确保随机性，因为缺乏随机性都可能导致安全漏洞。为了避免单点故障并提高随机性，Keystone 3利用两个安全元件（Microchip ATECC608B和Maxim DS28S60）生成随机数，然后将其组合成一个独特的种子短语。

Furthermore, users suspicious of the secure elements have the choice to manually generate their recovery phrase via dice rolling. They are also given the additional option to select their 11th or 23rd word, and have the Keystone device calculate their 12th or 24th checksum word. Nonetheless, we advise that the dice rolling feature be used only by experienced users who are fully aware of their actions.
此外，怀疑安全元素的用户可以选择通过掷骰子手动生成恢复短语。他们还可以选择第 11 个或第 23 个单词，并让 Keystone 设备计算他们的第 12 个或第 24 个校验和单词。尽管如此，我们建议掷骰子功能仅由完全了解其操作的有经验的用户使用。

Users’ seed phrases are encrypted with their password and securely preserved within both the secure elements. An encryption key, derived from both secure elements rather than the user’s direct password, is used. A part of this key is produced from the Microchip ATECC608B leveraging the KDF function. The second part is a random number stored on the Maxim DS28S60.
用户的种子短语使用其密码进行加密，并安全地保存在两个安全元素中。使用从两个安全元素派生的加密密钥，而不是用户的直接密码。该密钥的一部分由利用KDF功能的Microchip ATECC608B产生。第二部分是存储在Maxim DS28S60上的随机数。

Extraction of the seed phrase is only possible if the secure elements are thoroughly compromised, and the user’s password is exposed. This multilevel security measure provides strong protection against potential attacks on users’ seed phrases.
仅当安全元素被彻底破坏并且用户的密码被暴露时，才能提取种子短语。这种多级安全措施提供了强大的保护，防止对用户种子短语的潜在攻击。

Fully Open Source And Transparent Signing Process
完全开源和透明的签名过程

Keystone stands out due to our dedication to transparency and open-source practices. We are currently collaborating with SlowMist and KeyLabs to meticulously review and audit every aspect of the Keystone 3. Our objective is to make all our firmware code open-source by mid-October, enabling anyone to re-construct our firmware and assess the security level of the Keystone 3 independently. This “Don’t trust, verify!” philosophy exemplifies our commitment to transparency and security.
Keystone 脱颖而出，因为我们致力于透明度和开源实践。我们目前正在与SlowMist和KeyLabs合作，仔细审查和审核Keystone 3的各个方面。我们的目标是在 10 月中旬之前实现所有固件代码的开源，使任何人都可以重新构建我们的固件并独立评估 Keystone 3 的安全级别。这种“不要相信，验证！”的理念体现了我们对透明度和安全性的承诺。

While there are challenges related to open-sourcing secure element firmware due to vendor-imposed IP protections, we still emphasize the open verification of procedures like nonce selection during Secp256k1 signing or the proper implementation of RFC6979. We have also developed all the device’s signing logic internally to allow full auditability of the code for vulnerabilities.
虽然由于供应商施加的IP保护，开源安全元件固件存在挑战，但我们仍然强调在Secp256k1签名期间进行随机数选择或正确实施RFC6979等程序的开放验证。我们还在内部开发了所有设备的签名逻辑，以允许对漏洞代码进行完全可审计。

Conclusion 结论

To sum it up, the importance of robust hardware for crypto security cannot be overstated. The Keystone 3, armed with its multitude of Secure Elements, transparency through open-source, and fortified signing procedures, provides a strong barrier against various threats. By opting for a hardware wallet like Keystone, users can notably enhance the protection of their digital assets, ensuring peace of mind amidst the unpredictable environment of Web3.
总而言之，强大的硬件对加密安全的重要性怎么强调都不为过。Keystone 3配备了众多安全元件，通过开源的透明度和强化的签名程序，为各种威胁提供了强大的屏障。通过选择像 Keystone 这样的硬件钱包，用户可以显着增强对其数字资产的保护，确保在 Web3 不可预测的环境中高枕无忧。

原文始发于Keystone Wallet：Secure Elements: The Bedrock of Hardware Wallet Security