We are witnessing the rapid rise of blockchain technologies in many sectors: banking, transportation, automotive, the public sector, etc. Blockchain is often presented as a universal panacea, the remedy for many problems.
Examples include fighting fraud and counterfeiting and providing trust in a digital economy. To do so, blockchain technologies rely entirely on cryptographic operations such as hashing and digital signatures. Unlike banking systems, blockchains make relatively little use of symmetric cryptography (3DES, AES, etc.).
In this article, we examine why HSMs matter to blockchains and why blockchain systems can no longer afford to do without them.
Since there is no standard for blockchains, no cryptographic system or algorithm can be ruled out in principle. In practice, however, almost all blockchains are variants of the 'original' design introduced by the Bitcoin cryptocurrency.
Blockchain per se does not use a PKI: there is no certificate authority vouching for a public key. Its mode of operation is nonetheless not so different, and some expect that PKI and blockchain will eventually converge.
For instance, in the Bitcoin architecture, which is a public blockchain, each user holds his or her own key pair. The signature algorithm is ECDSA (Elliptic Curve Digital Signature Algorithm) over the secp256k1 curve, and private keys are 256-bit scalars (since the Taproot upgrade, Schnorr signatures on the same curve are used as well).
In Bitcoin there is no registration: each user generates a key pair locally, and the account identifier (the address) is derived from the public key by hashing it (SHA-256 followed by RIPEMD-160 for legacy addresses) and encoding the result. Nobody checks who generated the key, or how.
Without an HSM (or an equivalent secure device), the weak point is not the protocol itself but key generation and storage. For example, anyone can offer key-creation software or online services built on a poorly designed random number generator, producing keys, or signature nonces, that an attacker can guess or reconstruct.
Since the Bitcoin system (and most other public cryptocurrencies and token systems) is pseudonymous, ownership of the private key equals ownership of the account (and of the corresponding funds). There is no possibility in the 'raw' Bitcoin system to use a passport or any other credential to restore or block bitcoin funds. Therefore, any user who stores a private key on an ordinary computer or other unprotected electronic device is one malware infection away from losing everything. This is true for any blockchain system.
Bitcoin and token users can instead sign up with third-party (custodial) financial services that generate and hold keys on their behalf. The service then carries the burden of generating and storing those keys securely. With millions of wallets under management, serious and professional companies must use HSMs and comply with key-management standards such as ANSI X9.24-1-2017 (split knowledge of key components, secure cryptographic devices, and so on).
However, many exchange-operated online wallets still do not use such systems; some simply keep the keys on USB sticks locked in bank vaults, which is not secure either: the stick holds the key in the clear and has to be plugged into a computer whenever the key is used.
Cold storage aside, an online (hot) wallet must keep private keys at hand in order to spend the bitcoins, i.e. to sign transactions. The bitcoins themselves live in the blockchain, locked to an address that is the hash of the corresponding ECDSA public key; the private key is needed only to sign.
If signing is done purely in software, the private key sits in the memory of a general-purpose machine, where malware can copy it out, and the transaction about to be signed can be tampered with, its destination address replaced or its amount altered, before the signature is produced. Badly managed keys can also be corrupted or lost, which is just as final.
To illustrate these risks we state the following facts:
Permissioned blockchains are only getting started compared with public cryptocurrencies, which have been in operation for over a decade.
Their design is more business-oriented, yet they share the same weaknesses as their public counterparts if HSMs are not used.
In Corda, notary nodes, which act as critical trusted authorities for timestamping and/or consensus, use three private keys that should ideally be stored inside HSMs:
Corda supports the Utimaco SecurityServer Se Gen2 for storing the legal identity keys of nodes.
Hyperledger Fabric supports HSMs through its pluggable crypto service provider (BCCSP), which can be backed by a PKCS#11 interface.
When a network is set up, keys can be generated inside the HSM through PKCS#11, and the private keys of the Fabric Certificate Authority (CA), peers and orderers can all be kept there, so that the HSM alone ever holds them.
Please refer to “The Key Role of HSMs in Secure Permissioned Blockchains for Banking and Payment Services” for a further explanation of why HSMs are important to permissioned blockchains.
Not using HSMs in a permissioned blockchain can result in the same damage that occurs with public cryptocurrencies, including account keys being stolen or easily guessed. The security of the private keys is the security of the blockchain's operations, which depend almost entirely on asymmetric cryptography.