HSM & Blockchain

Coexistence of Blockchain and HSM

Blockchain is a system of recording information that makes it impossible to change, cheat or hack the system.

Digital environments allow us to explore and develop new services and products to meet changing user needs to match way they live, work and use technology. Also, fast changing digital environment gives customer competitive advantage and improves effectiveness and operational efficiency of an enterprise ensuring the high quality of its products, service and support.

But that fast-moving environment multiplies the security risks. Those emerging technologies - cloud, IoT, blockchain, digital payments need secure cryptographic solutions. While the blockchain technology that underpins distributed ledgers has proven in itself to be very secure, there are many questions about how to protect both the cryptographic keys that allow access to the ledger and blockchain applications.

Blockchain is rising up agenda for many organizations. It is a system of recording information that makes it impossible to change, cheat or hack the system. The technology has the potential to transform the way data is shared and value is transferred.

Most companies plan to use blockchain. Sixty percent of respondents say their organizations will use blockchain in the near future. The two primary use cases are dedicated to cryptocurrencies, where safe key generating and management of user wallets are needed, and to easier information tracking, for example in a supply chain. In each step the authorized personnel can enter the required information and at the same time no past data can be modified, appended, or deleted.

Also, if this technology is to be adopted in financial trades, payments, health care, but also of government and regulatory applications, the security risks will decrease drastically.

HSM

An HSM (hardware security module) is a crypto-processor that securely generates, protects, and stores keys. Nowadays, security-conscious organizations and institutions use HSM to manage their digital keys, protect potential access points that require secure, verified digital signatures. The overall average importance rating for HSMs as part of an encryption and key management strategy in the current year is 64 percent.

Reasons an HSM is secure and trusted:

  • it is built on top of specialized hardware, which is well-tested and certified;
  • it has a security-focused OS;
  • it has limited access via a network interface that is strictly controlled by internal rules;
  • actively hides and protects cryptographic material.

A successful blockchain system needs highly reliable methods of interfacing with the strong key protection practices afforded by HSMs, and these HSMs must deliver the scaling and flexibility a decentralized blockchain model needs.

Blockchain combines message and asset in one token. Once an asset is embedded into a blockchain or distributed ledger, possessing the associated cryptographic keys is the only way to retrieve or move the asset. In other words, the key becomes the asset. For example, in a traditional IT model, a key protects the database, which in turn protects the data or the asset. When the key and the asset are one and the same, anyone who obtains the key can monetize and exploit the asset instantly.

In such a scenario protecting the key is of paramount importance to prevent its misuse, loss, or modification. It is equally important that the cryptographic operations the key is used for are performed in a protected environment where data interception is impossible. Integration with an HSM is a reliable way to secure the most vulnerable aspects of the whole blockchain infrastructure.

---
Source: accenture consulting: Blockchain Security Made Simple - The Key To HSM Integration.

News

Priviledge Escalation Vulnerability

utimaco LAN V5 3Utimaco has been made aware of a vulnerability affecting the Windows installations of some of our products.

Read more ...

Utimaco on RISK Conference 2020

Utimaco presentation RISK 2020Utimaco is going to attend the RISK conference 2020 with a presentation "Trust the NEXT Digital Era".

Read more ...

CREAplus Successfully Delivered Training for Utimaco HSM

utimaco LAN V5 4CREAplus, authorized Utimaco training partner, successfully delivered another Utimaco Academy 2-day online hands-on technical training on Utimaco hardware security module (HSM), in November 2020.

Read more ...

Blog: NIST’s Standardisation of PQC

graph data breachesBlog post: The World of Quantum Computing - NIST’s Standardisation of PQCCybersecurity 

Blog: Zerologon Vulnerability

graph data breachesBlog post: Cybersecurity - Zerologon Vulnerability