WHAT ARE SECURE ELEMENTS?
- 6 May, 2023
The advent of secure elements came about with the introduction of credit cards. There was a need to have electronic devices which were physically and electronically secure, reliable and tamper proof in a constantly changing environment as people went about their lives.
As computing devices became more ubiquitous in society (smartphones, servers and PCs) there was a use case for secure elements to extend to these devices as well. Secure elements are present in most smartphones, servers which process credit card transactions, personal computers and of course in credit cards. Guess what? There is a high probability you are carrying multiple secure elements in your pocket right now. Furthermore, you are most likely accessing this article from a device which contains a secure element!
Naturally with the advent of hardware wallets, which secure highly sensitive private key and seed data pertaining to user’s crypto wallets, there is a natural symbiosis for secure elements. We will discuss this in the latter sections. First let’s have a brief primer on secure elements.
What is their use?
Modern operating systems are highly complex by their very nature, they allow people to do many different things: access health records, make social media posts, conduct banking transactions. Systems are becoming complex while the need for security is every increasing. As such there is a constant dog chasing tail situation where systems are getting more and more complex and subsequently ensuring the OS is secure becomes increasingly difficult. To solve this problem is where a secure element enters the picture. A secure element is utilized as a separate integrated circuit complete with it’s own operating system (insert Java Card OS link) to which the main processor on a device (smart phone, server, etc.) offloads its most critical security needs.
What makes a secure element, secure?
To understand the secure element's security features, let’s look at the possible ways a hacker can attempt to hack a device and how the secure element prevents the attack.
How do Secure Elements protect against Software Attacks?
The first types of attacks are software attacks. In this the attack is carried out by executing a piece of code, a malware, on the device. These types of attacks are cheap, can be done over the web and can target a large number of devices. Preventing these attacks is paramount. The purpose of the malware can include:
- Disable memory protections
- Modify device functionality
- Denial of service
- Open communications interface
There are 2 means to insert malware into the secure element and their protections
- Attack via communication interface:
- Attack Vector: In this method the hacker inserts the malware as part of a command being send to the secure element and to have the CPU execute it.
- Protection: Secure elements are highly resistant to these types of attacks because there is a very restricted interface to communicate with the device. Each and every input is precisely defined and validate. No arbitrary code commands or execution is accepted.
- Attack via firmware update:
- Attack Vector: In this method the hacker inserts the malware as part of a software update to the secure element and to have the CPU execute it.
- Protection: Secure elements are also resistant to this because they use a secure firmware upgrade protocol which requires encryption and public key cryptography to ensure that the update is secure.
In essence the secure element has a very limited and precise means of communicating with the eternal world and so it is highly resistant to software attacks.
How do Secure Elements Protect against Hardware Attacks?
Another mode of attacking an device is via hardware attacks. Note these attacks require the attacker to have physical access to the device (e.g. theft) before the attack can be conducted. Furthermore, these types of attacks require higher technical sophistication, are more expensive to conduct and are incredibly difficult to target many devices at once. There are multiple modes of doing these attacks and their protections as outline below:
- Side Channel Attacks (SCA):
- Attack Vector: In this attack the attacker observes the analog characteristics of the secure element (voltage, current, temperature, etc.) in order to extract sufficient information of the protocol to be able to extract sensitive data. Common methods are Simple Power Analysis Attacks (SPA) and Differential Power Analysis Attacks (DPA).
- Protection: Secure elements have in-built hardware to prevent monitoring of these characteristics as well as sufficient randomization to decrease observability of the device cryptography.
- Fault Injection:
- Attack Vector: This consists of applying abnormal environmental conditions to create malfunctions in the device operation. This malfunction can create a favorable behavior for the attacker (skipping instructions, modifying conditional jumps, etc.).
- Protection: Secure elements are resistant to this as they use internal clocks and voltage regulators to monitor their own state, detect abnormal environment conditions and to act accordingly.
- Communication Port Access:
- Attack Vector: An attacker can eavesdrop on communication ports (I2C, SPI) on the secure element to extract sensitive information.
- Protection: Secure elements are resistant to this because they use encrypted protocols to communicate with the device.
- Invasive Attacks:
- Attack Vector: These attacks involve remove the hermetic sealing on the secure element, reverse engineering the functionality (via imaging), injecting faults into the silicon via micro probing and even modifying the silicon via focused ion bean workstations (FIB).
- Protection: Although this is a grey area depending on the attacker’s sophistication, secure elements are resistant to these attacks as well as they have detection measures built in to detect whether the device has been physically tampered. If it has been tampered then the device will lock its secrets.
The secure element is an integrated circuit built by design to secure the most sensitive of data. Physical attack protections are built into the device all the way to the silicon itself and as such it is resistant to most physical attacks.
Issues with Secure Elements?
One issue with secure elements is their closed source nature by the designers and vendors of the secure elements. This is closed source nature is sometimes referred to as “Security by Obscurity”, however, it has its issues. Firstly, without access to the source code, it becomes difficult for independent security experts to conduct comprehensive audits and identify potential vulnerabilities or backdoors. This lack of transparency raises concerns about hidden security flaws or intentional weaknesses that could be exploited by attackers.
Additionally, closed source limits the ability of the user or developer to customize and verify the security measures implemented within the secure element, potentially leading to a decreased level of trust and confidence in its security. Lastly, closed source can hinder collaboration and hinder the ability of the security community to collectively improve and strengthen the security of the secure element.
How are Secure Elements used in Crypto Hardware Wallets?
Secure elements are used in hardware wallets to secure the users private keys or seed information. The basic idea is that keys are generated in the secure element and any cryptographic operation to be performed using the keys is done within the secure element. As such the keys never leave the secure element.
What about Crypto Wallets without Secure Elements?
Wallets without secure elements are software wallets. These wallets run as a browser extension, desktop application or mobile application. In these wallets the private key data and/or seed data is store in a wallet file in encrypted form. If an attacker gains access to your browser, PC or smart phone then they may be able to extract this wallet file and attempt to extract your private keys and or seed phrase. There is a high probability of this happening given that browsers, PCs and smart phones are connected to the internet 24/7.
What should I be looking for in a Hardware Wallet?
There is a key distinction to make with hardware wallets and secure elements which is that hardware wallets are cold storage regardless of whether the device contains a secure element. Cold storage means that the private keys and seed data are stored on a device which is not connected to the internet and has a singular purpose, to secure private keys.
This is important because cold storage wallets (I.e all hardware wallet) can prevent software attacks (as discussed). That is they prevent attacks which can be done remotely by hackers over a computer network. The primary additional benefit of the secure element is that it prevents attacks which require in-person access to the hardware wallet.
Hardware wallets are devices which should remain at home in a safe and private location. As such prevention of remote hacking is of higher priority than of physical theft. Therefore, secure elements are beneficial but not absolutely necessary when deciding on a hardware wallet. There are many hardware wallets on the market which do not utilize secure elements but are still secure.
Ronyn's Approach? Go beyond the Secure Element
With the Ronyn Vault hardware wallet, it was designed such that even if the device was stolen and the secure element was compromised, it would not compromise the wallet. This can be done through one-way cryptography. More specifically, only the seed exists (encrypted) on the secure element not the passphrase, but both the passphrase and seed are required to access the wallet. This approach of requiring a passphrase with the seed as specified in the BIP39 specification provides one-way cryptography such that even if an attacker were to get access to the device, they cannot reverse engineer the passphrase without brute forcing all possible combinations.
“The described method also provides plausible deniability, because every passphrase generates a valid seed (and thus a deterministic wallet) but only the correct one will make the desired wallet available.” - BIP39
The Ronyn Vault does utilize a secure element to authenticate the device via the pin and to store the seed in encrypted form. However, the security of the seed is primarily done via the passphrase. This offers a security even if the attacker is able to extract data from the secure element by hardware attacks (as discussed in the earlier sections). Furthermore, this approach also secures the users seed during a firmware update as the device can be updated without inputting the passphrase into the wallet.
Additionally, the secure element on the Ronyn Vault does offer a higher level of reliability during a device firmware update (DFU) than hardware wallets which do not have secure elements because the application being updated exists on the main processor whereas the sensitive data is stored on the secure element which stays untouched during the update.
This hybrid approach of utilizing the benefits of a secure element while at the same time utilizing one-way cryptography to secure the user’s wallet allows the Ronyn Vault to go beyond the limitations of the secure element alone.