What are Hardware Security Modules (HSMs)?
Hardware Security Modules (HSMs) are specialized cryptographic devices that are used to secure digital keys and sensitive data. They are designed to protect against a variety of attacks, including physical attacks, tampering, and unauthorized access. Because of their strong security measures, they are recognized as an industry standard in sectors such as banking and military defense.
HSMs provide a number of security benefits, which revolve around Key Management, Cryptographic Operations and Tamper Resistance.
Key Management
HSMs provide a secure environment for the storage and management of cryptographic keys. Private keys are stored within the HSM and cannot be accessed by anyone without proper authorization. This reduces the risk of theft or loss of the keys, which are essential to controlling access to stored cryptocurrencies.
Cryptographic Operations
HSMs are designed to perform cryptographic operations securely and efficiently. This includes generating and verifying digital signatures, encrypting and decrypting data, and hashing data. By using HSMs, cryptographic operations are performed in a secure environment, reducing the risk of attacks or other security incidents.
Tamper Resistance
HSMs are designed to resist physical tampering and attacks. They are typically built with robust security features such as tamper-evident coatings, sensors that detect unauthorized access attempts, and the encryption of sensitive data. This makes it very difficult for attackers to compromise the security of the HSM and the keys stored within it.
How Blockrise uses HSMs
Blockrise has integrated the high security of HSMs into our ultra-secure platform by storing the private keys of clients on banking-grade HSMs in Switzerland. The private keys of clients are generated and stored inside the HSM’s secure boundary, making them inaccessible to anyone without proper authorization.
Blockrise has introduced the Blockrise Seed as a password for clients to access their private key on the HSM. When a client signs a transaction on the Blockrise dashboard with their Blockrise Seed, they make a request to the HSM to access their private key. When the client signs the transaction successfully, the HSM retrieves the private key from its secure storage, performs the signature operation using the key, and then returns the signed transaction to the requesting system.
During this process, the private key itself is never exposed or transmitted outside of the HSM's secure boundary. The HSM's internal mechanisms ensure that the private key remains protected at all times, even during the signing operation. This means that no person ever has access to the private key – even Blockrise does not know the exact private key of its clients. This security mechanism ensures that the private key remains protected and is never compromised.