Personal On-line HSM for Ethereum assets

Ethereum assets rely on private keys and signature generation. Off line (cold wallet) and on-line (hot wallet) technologies can be used according to user preferences, to secure its assets. Whether on premise or in the cloud, two secure storage and computing technologies are often being used: Hardware Security Module (HSM) and Confidential Computing solutions. This talk is dedicated to personal on-line HSM executing an Ethereum keystore. The main idea is to use on-line secure element, offering the best security level (EAL6+) according to Common Criteria (CC) standards. Personal HSM enables individuals to have their own cost effective personal on-line secure storage and Ethereum computing service with the same trust level as the smartcards they carry with them. About personal HSM A personal HSM is a server with two TCP daemons, RACS (Remote APDU Call Secure) and TLS. RACS provides an administrative plane used to download on-demand applications in secure elements. Application providers are authenticated by X509 certificates. Uploading security is enforced by Global Platform protocols, used in banking environment TLS front server is used for user plane. Ethereum keystore is an application that runs in secure element, over a TLS 1.3 server. Each secure element identified by a server name. TLS front server routes sent/received messages to/from Ethereum keystore identified by its TLS server name. The attestation procedure, which transfers exclusive property of personal HSM to user, relies on the fact that secure element cannot be cloned, and that they can only manage a single TLS session at a given time. A personal HSM is a TLS 1.3 server, secured by a 256 bit pre shared key, which acts as a super PIN code that protects the keystore application embedded in the secure element. The customer knows the PSK value and uses TLS-PSK client to remotely use the remote keystore. Optionally the PSK value is protected by an access smartcard or by a crypto terminal. Customer Benefits Secure elements have the highest security level for hardware components. They are also manufactured be several companies. Software typically written in javacard language enables a rich ecosystem, including open source, for application providers. Native TLS interface and de facto standard for security protocol facilitate the design of comprehensive trust models. In summary, personal HSM, based on open hardware and software, is a very effective open solution to secure on-line Ethereum assets. Some References http://ethertrust.com/personalhsm/ HotRFC lightning talk sessions at IETF 112 https://www.youtube.com/watch?v=dxw7kMijz34 Code: https://github.com/purien/keystore