Blockchains are ruled almost entirely by cryptographic mechanisms. These mechanisms mostly involve digital signatures & PKI, hashes, and key derivation.
In permissioned blockchains, the network effect is significantly weaker than in public networks. In addition, permissioned blockchains do not use proof-of-work, as in the Bitcoin network, or proof-of-stake, as in the Ethereum network, and so they lack the strong, inherent security that these mechanisms provide.
By nature, permissioned networks are heavily dependent on cryptographic operations being done in a secure and safe way when used for financial institutions. They require banking-grade HSMs.
In what follows, we will present an overview of the key roles of HSMs in permissioned blockchains for banking & payment services.
There are no norms defining blockchains. Therefore, any blockchain implementation is free to choose whichever cryptographic algorithms it wants for whatever it needs.
Blockchains may use hash algorithms such as SHA-256 for the blockchain network. For example, Dagger-Hashimoto is used for the Ethereum network and ECDSA is used for Ripple-based networks. Additional hash algorithms include:
Here we list the hashes and cipher suites supported by major permissioned blockchain frameworks:
There are many other permissioned frameworks, including HydraChain, OpenChain, and BigchainDB. Most are based on existing frameworks like Bitcoin or Ethereum. Many of the permissioned blockchain networks are crypto-agile and/or post-quantum proof.
Permissioned blockchains incorporate identity authentication, access control, and authorization features that govern which nodes may participate in the blockchain network. Cryptographic keys serve as the identities of nodes. These cryptographic keys are securely managed through HSMs. Typically, blockchains incorporate the HSM as a service, in which a single HSM or a cluster holds the cryptographic keys of various blockchain nodes. These keys should be managed in separate and secure HSM partitions with designated roles for each partition. In some scenarios, PKI-based digital certificates are also used to ensure trust between the blockchain nodes.
By design, HSMs are perfectly suited for the needs of a permissioned blockchain.
Permissioned blockchain consensus is vulnerable to cryptographic attacks. Therefore, PKI operations should ideally be performed in HSMs. In general, key pair generation is essential in blockchains, and such keys should not be handled directly by their end users. Instead, they should be generated and securely stored in HSMs or in key management servers.
Hashing, and specifically keyed hashing operations, are an integral part of the blockchain system. Blockchains also need secure random generation functions, which should likewise be provided by an HSM.
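The partition-and-role model and the keyed hashing described above can be sketched in software. This is an added example, not code from the original article and not an HSM vendor API: `Partition`, the role names, and the sample block are assumptions, and the in-memory object only stands in for the boundary that real HSM hardware enforces.

```python
import hashlib
import hmac
import secrets

# Assumed role split (illustrative names): officers create keys, users only use them.
ROLES = {"crypto_officer": {"generate"}, "crypto_user": {"mac", "verify"}}

class Partition:
    """Software stand-in for one HSM partition; key bytes never leave this object."""
    def __init__(self, node_id):
        self.node_id, self._keys = node_id, {}  # _keys: opaque handle -> key bytes

    def _authorize(self, role, op):
        if op not in ROLES.get(role, set()):
            raise PermissionError(f"{role} may not {op} in partition {self.node_id}")

    def _hmac(self, handle, data):
        return hmac.new(self._keys[handle], data, hashlib.sha256).digest()

    def generate_key(self, role):
        self._authorize(role, "generate")
        handle = secrets.token_hex(8)
        self._keys[handle] = secrets.token_bytes(32)  # CSPRNG, inside the boundary
        return handle  # callers receive a handle, never the key

    def mac(self, role, handle, data):
        self._authorize(role, "mac")
        return self._hmac(handle, data)

    def verify(self, role, handle, data, tag):
        self._authorize(role, "verify")
        return hmac.compare_digest(self._hmac(handle, data), tag)  # constant time

def refused(call, *args):
    try:
        call(*args)
    except (PermissionError, KeyError) as exc:
        return type(exc).__name__  # which control refused the call
    return None

def demo():
    node_a, node_b = Partition("node-a"), Partition("node-b")
    key_a = node_a.generate_key("crypto_officer")
    block = b"height=1;prev=00;tx=constructed-sample"  # constructed sample data
    tag = node_a.mac("crypto_user", key_a, block)
    return (node_a.verify("crypto_user", key_a, block, tag),         # untouched block
            node_a.verify("crypto_user", key_a, block + b"x", tag),  # tampered block
            refused(node_a.generate_key, "crypto_user"),             # role separation
            refused(node_b.mac, "crypto_user", key_a, block))        # partition isolation
```

A handle issued by one partition is unknown to every other partition, so a node that shares the same HSM service still cannot use a neighbour's key.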
HSMs are a vital part of any security infrastructure that is under the mandate of securely managing cryptographic keys. The HSMs considered for incorporation must be FIPS 140-2 level validated and Common Criteria certified. If PKI-based digital certificates are being used in the permissioned blockchain, they must comply with the latest X.509 v3 standard. When a permissioned blockchain is employed in a banking/financial services department, the PCI PTS HSM version 3.0 certification is mandatory for legal obligations and compliance.
In preventing and mitigating malicious attacks, the implementation of strong authentication and cryptographic mechanisms is a critical requirement for protecting permissioned blockchains. Since the permissioned blockchain incorporates the identities of blockchain nodes, the need for HSMs is critical.
It would be in the best interest of banks and payment services providers to use HSMs and secure key management systems to perform the cryptographic operations needed for blockchain operations.