What is a security chip?
The security chip of a hardware wallet mainly refers to the Secure Element (SE). The SE is a microcomputer that implements functions such as secure data storage and encryption and decryption operations through dedicated security components and a chip operating system (COS). Because an SE is small, low-power, highly reliable and strongly confidential, it can be packaged in embedded form into many product types. Common ones are IC cards, SD cards, SIM cards, eSE, online banking USBKey, wearable devices, etc.
What are the uses of security chips?
Security chips are nothing unfamiliar: our everyday bank cards (the ones with a metal contact surface, not magnetic-stripe cards), mobile phone SIM cards, ID cards, online banking USBKey, etc. are the most common application scenarios, and today's hot fields of artificial intelligence, the Internet of Things (IoT) and the Internet of Vehicles will also be among its most important security applications.
What is the outlook for security chips?
Countries all over the world have begun to vigorously promote the development of new technologies and new formats such as 5G, quantum communications, artificial intelligence, the Internet of Vehicles, the Internet of Things and the Industrial Internet, and have made certain progress. China has also successively released action plans to promote the development of artificial intelligence and the Internet of Vehicles, creating a good policy environment for the development of new technologies and new formats. Smart terminals, the Internet of Things, smart driving, AR/VR, AI, smart home: no matter what type of technology, the most basic layer must be the chip layer, and functions such as data acquisition, transmission, calculation, fusion and analysis are all inseparable from chips. In the past few decades, major developments in every industry have been accompanied by the development of chip technology. At present, the security chip industry has been listed as one of the national information security strategies. With vigorous policy promotion, a large number of security chips for different fields and even different business scenarios have appeared on the market. As a general trend, the development of security chips is bound to be a top priority and can be regarded as a core competitive strength.
It has been said that the chip is very safe, but why is it safe?
The security of the chip can be said from the following perspectives, the chip's own security design, testing standards, and application practices.
First of all, the chip itself must have high security no matter from the internal software design level or the physical structure level. Since the design principles of the security chip are very complex and numerous, a few key points are listed:
- Whether to use a secure CPU, which is mainly used for the calculation of keys and data information and security detection during operation;
- Whether the CPU register has mask protection function;
- Whether the memory (NVM, RAM) is encrypted, and whether it has special integrity verification protection;
- Whether it has temperature, voltage, frequency, light sensor and special protection net;
- Whether it has a co-processor for secure encryption and decryption calculations.
Secondly, so-called security is not absolute or eternal; in fact it is only relative security under certain conditions for a period of time. It follows that within certain limits there are standards to rely on, so only a product that passes standards-compliance testing can be considered relatively secure. Speaking of this, I have to mention the ISO/IEC 15408 standard (Information technology - Security techniques - Evaluation criteria for IT security), officially released by the International Organization for Standardization (ISO) in 1999, which is the frequently mentioned CC standard (Common Criteria). ISO/IEC 15408 is a security evaluation criterion for information-security-related products or systems. It has become an international standard certification and the most rigorous security evaluation criterion in the world. The significance of the CC standard is:
- The assessment helps to enhance users’ confidence in the security of IT products;
- Promote the security of IT products and systems;
- Eliminate duplicate assessments.
For security chips, the CC standard divides the security assurance level into seven levels, EAL1 to EAL7, from low to high. The higher the level, the more security assurance requirements must be met to pass certification, and the more reliable its security features. Each level of certification must be evaluated from multiple perspectives.
In addition, EAL4+ and EAL5+ products are commonly used in the financial sector, while EAL6+ is regarded as military grade.
Finally, application practice can be judged from the following two aspects:
On the one hand, whether it has been commercialized and whether any security incidents have been exposed;
On the other hand, whether the cost of the attack is high enough, including time, manpower, and capital investment.
What kind of attacks can the security chip defend against?
According to the international CC standards, a security chip must meet the following anti-attack requirements:
- It should be ensured that the security chip can protect against physical measurement of the logical content of its memory cells;
- It should be ensured that, even when the memory cell logic or internal wiring of the security chip has been exposed, the chip can resist recovery of useful code or information from that memory cell logic;
- It should be ensured that the security chip can resist exposure of sensitive memory information through side-channel analysis, such as analysing the power consumption trace of the running chip, its electromagnetic radiation, or the timing of its main processing functions;
- It should be ensured that intrusive mechanical probing attacks on the security chip are unlikely to expose memory code and information;
- It should be ensured that attack methods such as voltage contrast and electron-beam probing are unlikely to expose memory information;
- It should be ensured that the security chip application is not affected by interference from the operating environment: if the chip detects internal changes or out-of-specification operating parameters such as clock rate, voltage, reset pulse width or temperature, it should render itself inoperative;
- It should be ensured that the execution of security chip applications is not affected by probing attacks;
- The security chip shall be able to resist attempts by personnel with comprehensive security-chip design knowledge to modify the chip using high-end specialized tools such as a FIB (focused ion beam) system or a laser cutter;
- It should be ensured that optical fault attacks, electromagnetic fields and radiation interference either do not affect the normal operation of the application or cause the chip to enter a secure state;
- It should be ensured that the design of the security chip is difficult enough that an attacker must invest great effort and use high-end professional tools to reverse engineer it and extract its logic building blocks.
After so many professional and hard-to-pronounce terms, I believe this all sounds like gibberish to most readers. In summary, even for technicians with professional knowledge, attacking a security chip is quite difficult.
How safe is imKey?
imKey has applied rigorous security design to the product from multiple angles of both software and hardware. Here we will focus on the hardware level; the software level will be explained step by step in future classes. I believe everyone already knows that imKey uses a CC EAL6+ security chip (a picture of the EAL6+ security chip is attached below). This chip has reached military grade and has the following security features:
- Built-in true random number generator;
- Dual-core CPU, one core for execution and one for security detection;
- All CPU registers have mask protection function;
- All NVM and RAM are encrypted and have special integrity verification protection;
- Equipped with temperature, voltage, frequency, light sensor and special protection net;
- Equipped with co-processors for DES, AES and PKI operations.
Note: The core of a blockchain wallet is the private key, and the essence of the private key is a string of random numbers. The security of those random numbers directly affects the security strength of the private key. The chip used by imKey generates its random numbers with a true random number generator, which usually derives randomness from thermal noise; such numbers have strong randomness, high security and are difficult to predict. This guarantees the confidentiality of the private key at its source, and thereby the security of the wallet.
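Because the wallet's private key is only as strong as the random numbers behind it, a practitioner also wants to see how a weak or stuck entropy source is caught before its output becomes key material. The following is an added example, not code from imKey or from this article: it implements the two continuous health tests that NIST SP 800-90B specifies for an entropy source (the Repetition Count Test and the Adaptive Proportion Test), with cutoffs computed from the formulas in that standard for an assumed claim of 8 bits of entropy per byte, and runs them over constructed stand-in byte streams (a seeded PRNG stands in for the TRNG; no real chip output is used).

```python
import math
import random

ALPHA_LOG2 = 20        # false-alarm rate alpha = 2^-20, as SP 800-90B recommends
H_PER_SAMPLE = 8       # assumed entropy claim: 8 bits per raw TRNG output byte

def rct_cutoff(h=H_PER_SAMPLE, alpha_log2=ALPHA_LOG2):
    # Repetition Count Test: C = 1 + ceil(-log2(alpha) / H)
    return 1 + math.ceil(alpha_log2 / h)

def apt_cutoff(window=512, h=H_PER_SAMPLE, alpha_log2=ALPHA_LOG2):
    # Adaptive Proportion Test: C = 1 + CRITBINOM(W, 2^-H, 1 - alpha)
    p, alpha = 2.0 ** -h, 2.0 ** -alpha_log2
    cdf, c = 0.0, 0
    while True:
        cdf += math.comb(window, c) * p ** c * (1 - p) ** (window - c)
        if cdf >= 1 - alpha:
            return 1 + c
        c += 1

def repetition_count_test(samples, cutoff):
    # Fails as soon as one value repeats `cutoff` times in a row (stuck source)
    run, prev = 0, None
    for s in samples:
        run = run + 1 if s == prev else 1
        prev = s
        if run >= cutoff:
            return False
    return True

def adaptive_proportion_test(samples, cutoff, window=512):
    # Per non-overlapping window the first sample is the reference; too many recurrences = bias
    for start in range(0, len(samples) - window + 1, window):
        ref = samples[start]
        hits = sum(1 for s in samples[start:start + window] if s == ref)
        if hits >= cutoff:
            return False
    return True

def health_check(samples):
    # Returns (RCT passed, APT passed) for a raw sample stream
    return (repetition_count_test(samples, rct_cutoff()),
            adaptive_proportion_test(samples, apt_cutoff()))

# Constructed stand-in streams (a real check consumes raw TRNG output):
rng = random.Random(2024)
GOOD = bytes(rng.getrandbits(8) for _ in range(4096))     # full-entropy stand-in
STUCK = GOOD[:1000] + bytes([0x5A] * 8) + GOOD[1008:]     # source stuck mid-stream
BIASED = bytes(rng.getrandbits(4) for _ in range(4096))   # only 16 distinct values
```

The stuck stream trips the repetition test, while the biased stream (4 real bits of entropy against a claim of 8) passes the repetition test yet fails the proportion test, which is why both tests run continuously in a certified source.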
Should security chips be open sourced?
Regarding whether the security chip should be open source: it is like an army doing its best to build a military fortress. To prove the security of your fortress to the world, you would have to make its construction public, which would inadvertently hand the enemy an opportunity. Security chips follow industry guidelines and international standards, and they are widely used in the military, financial, government and civilian fields. Open sourcing them would bring immeasurable security risks and could even threaten national security. Therefore, open source cannot be used as a criterion for judging whether a security chip is secure; compared to open source, keeping the design a black box is more conducive to ensuring its security.
Much security chip knowledge sounds rather obscure. In summary, when buying a hardware wallet, it is recommended to choose products that use security chips and hold security certifications.