Secure Element

The Secure Element used in Citadel Wallet has an independent Common Criteria EAL 6+ security certification up to the OS level and supports both RSA and ECC asymmetric cryptographic algorithms with high key lengths and future-proof ECC curves. The latest security measures in this secure element protect the chip against invasive and non-invasive attacks. For comparison, Ledger hardware wallets are certified only up to the EAL 5+ security level.

The Secure Element is specifically designed for blockchain, secure IoT, government ID and secure key storage applications. It requires a host controller, which communicates with the secure element through an I2C interface and makes key operation requests such as key creation, message signing and verification. The private/public key pairs for asymmetric cryptography are generated inside the secure element, and private keys never leave the chip. Some of the major features of the Secure Element include:

  • CC EAL 6+ and SESIP4 certified HW and OS

  • FIPS 140-2 certified platform with Security Level 3 and Security Level 4 related to Physical Security of the HW

  • Effective protection against advanced attacks, including Power Analysis and Fault Attacks

  • Multiple logical and physical protection layers, including metal shielding, end-to-end encryption, memory encryption, tamper detection

  • RSA and ECC asymmetric cryptography algorithms, future-proof curves and high key lengths, e.g. Brainpool, Edwards and Montgomery curves

  • AES and DES symmetric cryptographic algorithms for encryption and decryption

  • HMAC, CMAC, SHA-1, SHA-224/256/384/512 operations

  • Extended temperature range for industrial applications (-40 °C to +105 °C)

Hedera accounts require ED25519, RSA-3072 or ECDSA cryptographic key pairs for account creation and interaction with the network. The Secure Element used in Citadel Wallet supports all of these options.
