Hardware Wallets: What is the Secure Element?

Balancing the Pros and Cons of Secure Elements for Enhanced Bitcoin Security

The Bitcoin Hole
Mar 25, 2024


A secure element is a microprocessor chip designed to store and process sensitive information. It is found in devices such as credit cards and SIM cards. In the context of bitcoin, a secure element is used in hardware wallets to store seed phrases and private keys, providing added protection against physical attacks. While there may be some downsides to using a secure element, it is generally considered a useful way to add an extra layer of security to protect devices from various types of attacks.

Protecting the private key

A hardware wallet is considered a safer option for holding bitcoin compared to software wallets on desktop or mobile devices, which are more susceptible to remote attacks and malware. However, even a hardware wallet is not immune to physical attacks if it falls into the wrong hands. This is where a secure element chip can provide added protection by preventing physical attacks on the wallet.

Fault attack protection

A secure element helps to protect against attacks such as fault attacks. In this type of attack, a hacker with access to the device can manipulate the integrated circuit to cause an error that disables internal security mechanisms, potentially giving the attacker access to sensitive information. A secure element is built to detect any abnormalities in the circuit, such as changes in voltage supply, and respond by hiding sensitive information and conducting fake operations alongside normal ones. Additionally, if the chip detects any suspicious activity, it can instantly wipe the seed phrase and private key stored on it.

Side-channel protection

Hackers also use side-channel attacks to try to extract secret data from hardware wallets. This type of attack uses external indicators to gain information about the device’s inner workings, such as by measuring power consumption or electromagnetic emissions. A secure element makes these attacks much more challenging by performing fake operations alongside real ones, making it nearly impossible to read out and recover the private key.

Certification

Secure element certification is a process in which a third-party organization evaluates and certifies the security of a hardware wallet’s secure element. The certification process typically involves testing the secure element against various security threats, such as side-channel attacks and physical tampering.

There are several organizations that provide secure element certifications, including Common Criteria, FIDO Alliance, and EMVCo. Each organization has its own certification criteria and process, but they generally require hardware wallets to meet strict security standards before they can be certified.

For example, Common Criteria (CC) is an international standard for evaluating the security of IT products. To obtain Common Criteria certification for a secure element, a hardware wallet must undergo a rigorous testing process that includes vulnerability analysis, penetration testing, and source code review. Technology companies use a Common Criteria Evaluation Assurance Level (EAL) rating system to verify and validate that a product’s security features work effectively. The ranking measures the assurance, or confidence, that a product’s security features will stop a threat.

EAL (Evaluation Assurance Level)

  • EAL1 — functionally tested
  • EAL2 — structurally tested
  • EAL3 — methodically tested and checked
  • EAL4 — methodically designed, tested, and reviewed
  • EAL5 — semi-formally designed and tested
  • EAL6 — semi-formally verified design and tested
  • EAL7 — formally verified design and tested

Disadvantages of a secure element

While the benefits of using a secure element in a hardware wallet are clear, it’s important to be aware of the potential drawbacks as well.

Closed source

Most secure elements currently available are proprietary, making it challenging for anyone other than the manufacturer to examine and confirm the chip’s security. This means that consumers must rely on the vendor’s assurance that the chip is not compromised during production or any other stage in the supply chain. However, it’s worth noting that closed-source designs can provide additional security, as it’s harder for attackers to identify and exploit potential weaknesses in the design, compared to an open-source chip.

Certification over Security

Most secure element vendors rely on their reputation and certification to gain trust among consumers. While many vendors have a solid reputation, some may feel uneasy trusting a business that prioritizes certification over security, particularly when the incentives of the certifying body may be biased toward vendors who pay them.

However, it’s worth noting that secure elements in hardware wallets have a strong track record in securing billions of dollars worth of bitcoin for many years, with few known instances of compromise despite extensive research by security experts worldwide. Based on this record, they can be considered very secure.

Open-source secure elements

SatoshiLabs, the creator of the Trezor hardware wallets, is developing an open-source secure element called Tropic Square. This initiative aims to make the design specifications, verification, and testing available to the public, providing a transparent alternative to the current generation of bitcoin wallet secure elements: one whose security can be independently verified by anyone in the community.

Should you choose a hardware wallet with a secure element?

When choosing a hardware wallet, there are trade-offs to consider when deciding whether or not to include a secure element. While a secure element provides added protection against physical attacks, it also increases the risk of potential compromise by the manufacturer or supply chain. On the other hand, using a hardware wallet without a secure element may be more vulnerable to physical attacks, but the risk of compromise by the manufacturer or supply chain is reduced.

To mitigate the cons of using a secure element, consider using these techniques:

  • On a single-sig setup, use a passphrase. A passphrase acts as a second factor protecting the recovery seed and is the ultimate protection against attacks involving physical access to the device or to the recovery seed.
  • On a multi-sig setup, use hardware wallets of different brands, so you don’t have to trust a single third-party secure element.
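To show why a passphrase works as a second factor, here is an added example (not code from the article or from any wallet vendor) that derives the wallet seed the way BIP39 wallets such as Trezor do: the passphrase is folded into the PBKDF2 salt, so every passphrase produces a different, equally valid seed and nothing stored on the device reveals which one is "right". The mnemonic is the well-known BIP39 test mnemonic; the passphrases are constructed sample values.

```python
import hashlib
import unicodedata

# The first mnemonic from the BIP39 English test vectors (all-zero entropy).
TEST_MNEMONIC = (
    "abandon abandon abandon abandon abandon abandon "
    "abandon abandon abandon abandon abandon about"
)


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Derive the 64-byte BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds,
    salt = "mnemonic" + passphrase, both NFKD-normalised as the spec requires."""
    mnemonic_bytes = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", mnemonic_bytes, salt, 2048, dklen=64)


def seeds_for_passphrases(mnemonic: str, passphrases: list[str]) -> dict[str, str]:
    """Map each passphrase to the hex seed it yields from the same mnemonic.
    Every entry is a distinct, fully valid wallet: an attacker holding the
    recovery seed (or a chip that gave it up) still has no way to tell
    which passphrase protects the funds."""
    return {p: bip39_seed(mnemonic, p).hex() for p in passphrases}


def matches_bip39_vector() -> bool:
    """Cross-check against the published BIP39 test vector for this mnemonic
    with passphrase "TREZOR"."""
    expected = (
        "c55257c360c07c72029aebc1b53c05ed0362ada38ead3e3e9efa3708e5349553"
        "1f09a6987599d18264c1e1c92f2cf141630c7a3c4ab7c81b2f001698e7463b04"
    )
    return bip39_seed(TEST_MNEMONIC, "TREZOR").hex() == expected


if __name__ == "__main__":
    # Constructed sample passphrases: an empty one, a decoy, and the real one.
    for phrase, seed_hex in seeds_for_passphrases(
        TEST_MNEMONIC, ["", "decoy-wallet", "correct horse battery"]
    ).items():
        print(f"passphrase={phrase!r:24} seed={seed_hex[:16]}...")
```

Because the passphrase is never stored on the device, it must be backed up separately; a forgotten passphrase loses the funds just as surely as a lost seed.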

This allows you to benefit from added security features while minimizing the potential drawbacks.

Hardware wallets with a secure element

This website compares, feature by feature, different hardware wallets with a secure element:

Jade creators explain why they don’t need a secure element here:

BitBox02 creators wrote these articles about this topic:

Keystone creators wrote these articles about this topic:

SafePal S1 creators wrote about this in item #2 of this article:

Visit our Website

With so many hardware wallets on the market, it can be challenging to choose the right one for your needs. That’s where our Hardware Wallet Comparison TheBitcoinHole.com website comes in. You will find the most comprehensive and honest resource for comparing the features of the top hardware wallets.
