Improving blockchain security with HSMs

Decentralization, immutability, security, and transparency are the primary advantages of blockchain. Blockchain technology enables verification with no dependency on third-parties. A blockchains data structure is a continuously growing, append-only, list of records  in sequential order that makes it difficult or impossible to change or hack. As a result, the data cannot be modified or erased. Since blockchain data storage is immutable and no user is more trusted than others, organizations often rely on blockchain to achieve business agility with trust.

Key protection is paramount to ensuring the robustness of a blockchain system. Since the blockchain system requires highly reliable methods of interfacing with strong key protection control, Hardware Security Module (HSM) is a simple yet powerful solution to deliver the scaling and agility required by a decentralized blockchain model for these popular  use cases;

  • Cryptocurrency & Wallets- Enable storage and access of private keys used in crypto currency and blockchain systems to track activities such as k transaction signing, preventing a hacker from replacing or making new transactions.
  • Smart Contracts- Execute the terms of the contract through strong authentication and storage of encryption keys to ensure that all parties are authenticated and the data remains secure
  • Smart IoT- Enable cryptographic encryption for authentication and validation of data

Organizations of all sizes can easily implement powerful, secure and resilient blockchain applications, safeguarded by HSMs by Utimaco.

Business value

Business value


Protection of cryptographic material for the blockchain

  • For the generation of private and public key pairs: Utimaco HSMs support the required blockchains-specific elliptic curves
  • Provides strong identities and authentication, enabling access to the blockchain
  • Provides the ability to digitally sign, verify and approve blockchain transactions, including smart contracts
  • Provides secure storage for private keys
  • Provides hierarchical deterministic wallet support assuring the ability to derive key pairs in a secure environment from a single key master
  • Enables encryption and decryption
  • Provides the ability to audit and monitor- tracking usage of keys offers an additional layer of security

Compliance for many industries

  • The FIPS 140-2 L3 compliant Utimaco Block-safe HSM provides unrivaled key generation and protection for Blockchain specific elliptic curves.
  • Protects and manages encryption keys needed for key derivation.
  • Includes hash-based deterministic random number generator (DRG.4 acc. AIS 31), a true random number generator (PTG.2 acc. AIS 31)and a consensus model requiring M keys for digital signature before addition on the ledger

High Performance & Crypto Agile

  • Built-in Post-Quantum safe Dual TRNG + PRNG entropy source, and NIST SP800-90 compliant RNG
  • Asymmetric Key derivations including BIP-32, NIST SP800-108, ECDSA (NIST SP800-56A), DSA (ANSI X9.42)
  • Fingerprint for public key address generation
  • Consensus signing and verification using MultiSign
  • SDK for customization by own developers involving sensitive code and IP
  • Built-in support for several models for HA redundancy and performance scalability
  • Role based access control (RBAC) with multi factor authentication for segregation of duties
  • Up to 10,000 RSA or 6,000 ECDSA signing operations in bulk processing mode

Remote Access

Remote Key Delivery- Supporting the remote distribution of keys to deployed (POI) terminals


Software Simulator included

Included simulator allowing for evaluation and integration testing to benchmark the best possible solution for each specific case

Contact us

We look forward to answering your questions.

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.