Modern society and commerce are based on trust and digital identities. Companies and organizations build a reputation for being trustworthy. Consequently, the trust in their products is based on the trust in the organization.
Blockchain has the potential to revolutionize how technology functions in the modern age. It is secure by design (but not necessarily by implementation) and many blockchain implementations depend on the authenticity of the people participating. Individuals are willing to store and transfer value on the blockchain network because the system incentivizes them for doing so.
There’s the assumption that blockchain implementations are safe because blockchain was designed to be safe. This transfer of trust to the blockchain technology makes it essential for blockchains to be implemented in a secure manner. This means that the secret keys that protect the blockchain account and the signing of each block need to be secured.
As blockchain becomes more mainstream it is being increasingly used in environments/use cases where traditionally auditability is required; for example, in the payment and healthcare industry. As business use of blockchain increases, its technology will be subject to being made more transparent and auditable.
Introduction to Hardware Security Modules (HSMs)
Hardware Security Modules (HSMs) are devices designed to provide physical protection for sensitive data and operations. HSMs are appliances built to store cryptographic keys, and they come with built-in support for performing cryptographic operations and other sensitive processing on-device. This ensures that sensitive data never leaves the HSM and is constantly protected from compromise.
HSMs are designed with built-in protections against all types of attack, including both cyber-attacks and physical attacks. They can be deployed remotely to provide on-site processing of sensitive data or clustered to provide centralized, scalable secure processing. Regardless of location, an HSMs built-in security ensures that the data and intellectual property that it protects are secure.
Performing high-value operations using technology not under the physical control of the enterprise is not a new concept. ATMs and merchant’s Point of Sale (PoS) terminals are designed to be physically accessible to the general public in unsecured locations.
Using HSMs, these devices can store and use secret cryptographic keys in a secure manner by implementing physical protections internal to the device itself.
Beyond Modern Security: Is Blockchain Post Quantum-Safe?
Generally, blockchain applications are used to transfer assets that are intended to last. For a blockchain transaction to still be immutable in the future, the cryptographic material used, especially the signing of each block for validation should be generated by algorithms that are quantum-safe. This is now attainable with the help of a Hardware Security Module that can work with current algorithms as well as quantum-safe ones.
Making Blockchain Applications Auditable with HSMs
Many business use cases will require compliance with either governmental or trade group standards. Nearly 80% of compliance auditors recommend that an HSM be used to secure keys. This includes FIPS 140-2 Level 3, Common Criteria EAL 4+, and PCI/DSS certifications. Highly regulated businesses like banks and payment systems all require an HSM. When a breach happens, being able to show that you were observing best practices and had an HSM deployed mitigates your exposure and risk.
The Blockchain Security Landscape
Traditionally, most businesses rely on highly centralized systems. By placing all the valuable information and crucial decision-making processes in a single location, they could protect vital assets by erecting a strong perimeter around these assets. While this has historically simplified security, it created a single point of failure if the security or availability of the organization’s controller were ever compromised.
A Decentralized, Distributed Network
Blockchain attempts to eliminate the potential of such a failure by spreading operations over a distributed network of untrusted networks. This decentralization makes the technology potentially less vulnerable to attacks targeting crucial assets but requires the use of advanced security measures based on modern cryptography. Protecting the cryptographic keys and operations used in these algorithms is vital to the security of the blockchain network.
Creating and Maintaining a Shared Ledger
Currently, it is commonly accepted that financial institutions maintain the official history of all their client’s accounts and transactions. It is the responsibility of the financial institution to ensure the accuracy of this record and protect it against unauthorized access or modifications.
In blockchain, the entire network is involved in creating and storing the record of the network’s history. Every blockchain has a method for getting the network to agree on the current state of the record so that the copies stored on each node remain synchronized. Cryptographic algorithms are crucial to this process to protect against manipulation or modification of the historical record since every block contains the hash of the previous block and thus a digital fingerprint of its predecessor.
Based on Modern Cryptographic Technology
Trust in the blockchain is based on trust in cryptography. At every stage of the blockchain’s operations, cryptographic algorithms are used to ensure security and protect against attacks. As in every other technology using cryptography for security, protection of the secret key is of paramount importance.
The security of blockchain technology is based on the security of the secret keys. If a user’s keys can be lost or stolen, the user’s account on the blockchain is compromised. By implementing solutions to protect the privacy of private keys, the security of the blockchain is increased.
Combining HSMs and the Blockchain
An HSM is a critical component of a blockchain cryptographic framework. Your keys and certificates are your identity – they represent your company, its reputation and identity. They must not be lost or compromised. While these blockchain keys and certs can be stored on a secure server, this option will never detect and alert you if your keys or certs were compromised and/or stolen. This level of security can only be provided with an HSM.
Since HSMs are hardware devices, you can, without compromising the security around the keys, expand and scale your blockchain deployment as needed, by adding additional HSM devices. You can even cluster them to provide greater resilience and performance. You can offload cryptographic operations like Elliptic Curve, True Random Number Generation and Hashing to the HSM to free up more processing resources for general blockchain server operation.
The keys and certs you store in your HSM are secure and cannot be extracted from it. When the keys or certs are needed, access-controlled and permissioned API protocols can be used to perform designated and authorized cryptographic operations on the HSM. Only the people you assign, using multi-factor authentication and 4-eyes principles can perform the approved operations.
To compromise your cryptographic environment, the perpetrators would have to have administrative privileges, access to the blockchain data before it was encrypted and physical access to the HSM.
The Utimaco HSM Solution
Why Utimaco? We are an experienced HSM vendor that has specialized in creating some of the best designed, easy to use and extensible HSMs in the marketplace. We have many useful integration guides that assist our customers in connecting our HSM to their blockchain environment. Using the industry standard API PKCS#11, we can connect to most blockchain platforms. We include handy command line and GUI based tools to provision and configure the Utimaco HSM to be an efficient and secure component in your blockchain deployment.
Utimaco’s HSM internal software is all-inclusive, with:
- Required Elliptic Curve algorithms
- True Random Number Generator for superior entropy and quality
- SHA2 and SHA3 families hashing function
Your purchase price includes the use of all our algorithms for the life of the HSM. You can even add new cryptographic functions and algorithms as the state-of-the-art in blockchain grows and changes. Our SDK makes it possible to even add post-quantum algorithms. Utimaco has also successfully integrated with the Hyperledger Fabric and Fabric-CA.
When you consider the value of the assets you are storing or controlling in your blockchain, an HSM is a small price to pay to protect potentially millions of dollars of critical assets.
Utimaco’s solution gives you the missing link in the chain, so to speak; giving security-conscious institutions the assurance they need to use blockchain with confidence. Take a test drive today and request our integration guide and access to our HSM simulator.
Blog post by Dr. Ulrich Scholten
About the author
Ulrich Scholten is an internationally active entrepreneur and scientist. He holds a PhD in information technology and owns several patents on cloud-based sensors. His research on cloud computing is regularly published in highly rated journals and conference papers. From 2008 - 2015, he was associated research scientist at the Karlsruhe Service Research Institute (KSRI), a partnership by KIT and IBM, where he researched network effects around web-platforms together with SAP Research.