- Encryption specialist ThothTrust implements Utimaco Hardware
Security Module (HSM)
- Utimaco HSM stores master data encryption key for digital wallets
a leading manufacturer of Hardware Security Module (HSM) technology,
partners with ThothTrust in Singapore to protect digital wallets and
their cryptocurrency assets with Utimaco HSMs and the CryptoScript
Software Development Kit (SDK).
is a leading provider of innovative security techniques to prevent
leaking of critical data. The Customizable Secure Cryptography (CSC)
product offers different security levels and customization options to
create a secure environment corresponding to the customer’s unique
requirements. In the case of digital wallets, a Wallet Security Module
(WSM) ensures cryptocurrency asset security based on a Utimaco HSM as
its hardware root of trust.
The Utimaco HSM equipped with the WSM module generates secure digital
wallets, which can store up to 255 pieces of 256-bit ECDSA key pairs for
cryptocurrency and token transactions.
These keys securely sign cryptocurrency transactions including Bitcoin,
Ethereum and many other flavors of Bitcoin, ERC20 compatible tokens as
well as tokens that rely on 256-bit ECDSA cryptographic signatures.
Signing happens without ever leaving the secure confines of the Utimaco
HSM, preventing leakage of transaction keys.
Authentication to the WSM-backed wallets relies on public key
challenge-response using ECDSA signatures via an ECC key pair created by
the endpoint device and secured using the endpoint’s secure keystore.
This keystore usually requires a password or biometric authentication
from the user to access the device key pair for authorizing the user’s
requested actions (i.e. creating digital signatures for cryptocurrency
transactions or managing the wallet).
Users may also securely provision new devices for increased flexibility
and accessing their digital wallets and cryptocurrency funds from
multiple authorized endpoints. If a user loses all authorized devices,
the WSM module features a wallet restoration functionality. This process
requires the user to enter a 12-digit PIN code and supply the wallet ID
to restore access to the wallet and its cryptocurrency transaction keys.
At the same time, a limited number of possible PIN entry retries
prevents brute-force attacks against the WSM-backed wallets and results
in a lockout period when the number of PIN entries exceeds the
threshold. The lockout period is backed by the HSM’s secure clock.
“In an era where digital security is highly complex and dynamic, Utimaco
provides robust security standards and a highly adaptable platform that
can implement complex and holistic security solutions. Its CryptoScript
capability provides a secure environment for executing sensitive
business logic to the standards of the FIPS-140 security certification,”
says Gerald Tay, Director at ThothTrust.
Apart from securing cryptocurrency assets, the WSM is also capable of
being modified for use in traditional mobile payment scenarios, e.g. in
the context of tokenized payment applications by adapting the specific
codes and scripts.
“ThothTrust and their customers can rely on Utimaco’s longstanding
expertise and security standards in the field of hardware security,”
says Malte Pollmann, CEO of Utimaco. “Optimized for encryption and
crypto applications, the Utimaco HSM minimizes the risk of
cryptocurrency assets being stolen from the digital wallets.”
Security is of major importance when it comes to digital wallets, as the
financial losses in case of a security breach easily reach several
million dollars. A recent breach with a loss of over $20 million is
likely due to lost control of authentication keys, which the use of an
HSM could have prevented.
Utimaco is a leading manufacturer of HSMs that provide the Root of
Trust, from financial services and payment to the automotive industry,
cloud services and the public sector. We keep cryptographic keys and
digital identities safe to protect critical digital infrastructures and
high value data assets. Our products enable innovation and support the
creation of new business by helping to secure critical business data and
Founded in 1983, Utimaco HSMs today are deployed across more than 80
countries in more than 1,000 installations. Utimaco employs a total of
200 people, with sales offices in Germany, the US, the UK and Singapore.
For more information, visit https://hsm.utimaco.com/