Security

The ownership, independent control and authenticity of data in environments such as Blockchain ultimately rely on the security at endpoints of cryptographic keys such as private signature keys. The compromise or loss of such keys can destroy trust, corrupt the system, deny legitimate access or lead to false representations.

Vital to this is the secure storage of such keys and other security values. This is particularly relevant to applications such as Blockchain since keys may be managed by multiple individual and vulnerable endpoints, typically in software environments where dedicated hardware is not available, and where it is not desirable to concentrated security and trust in any one part of the system.

Endpoints or system elements may be compromised and security related information subject to analysis or attacks such as an exhaustive (or brute force) search to remove any security protection. SEAcurIT-e® ensures such breaches do not lead to the compromise of stored keys. More specifically, it is computationally infeasible for any party or system component other than the intended user to gain any knowledge of stored keys or other protected security values irrespective of the quality of user-supplied values such as passwords.

This ensures that it is not possible to derive any information about stored cryptographic keys or other security values by analysing the contents of the device, giving a substantial additional layer of security over standard storage methods.

There is no reliance for secrecy on trusted repositories, and consequently no single point of failure resulting from the use of a large repository or store. Issues resulting from poor or weak password choices are also overcome.

The system is highly resilient, and a user's SEAcurIT-e® components may be updated or refreshed at any time without necessitating an update of the user's managed security values or password. Additional information is provided in a Technical Briefing.