Semisol on Nostr: To start, as both disclosure and a background, I have signed a mutual NDA with a ...
To start, as both disclosure and a background, I have signed a mutual NDA with a large company that makes SEs. This does *not* include a non-disparagement clause, and what is covered by NDA is technical documentation.
> Not to mention (well, I guess I'm mentioning) the risks of a supply chain attack for the secure elements.
This depends on the secure element. The company that I work with, and many other reputable vendors, have strong countermeasures against supply chain attacks:
- Each chip gets a unique key that identifies it and proves it is genuine
- Production of chips is tightly monitored
- Sensitive key material is stored in dedicated hardware only
and so on.
Cheap SEs, like the ATECC series, to my knowledge do not do this.
> And at this point, secure elements are securing crazy amounts of money. So the temptation must be off the scale.
It has always been, even before Bitcoin. Passports, credit cards, other digital signature systems, etc.
And yet, there are few attacks discovered in high-quality SEs. Almost none apply to real-world scenarios.
> Secure elements are closed-hardware
That is true. But the off-the-shelf MCUs are also closed hardware. Everything is closed hardware. Unfortunately, due to how the IC industry works, building a chip requires proprietary IP, and any company that gives it away is shooting themselves in the foot, really.
Economic incentives are very real, while the amount of protection open sourcing an SE provides is not. (How do you verify the chip you got equals the open source design?)
> Secure elements ... require NDAs
This will change.
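The per-chip genuineness key in the list above works as a vendor-issued identity plus a challenge-response. The following Go program is an added example written for this page; it is not code from the post's author or from any SE vendor. It assumes Ed25519 for both the vendor CA and the per-chip key, and a made-up certificate layout (`chip-cert-v1|serial|pubkey`); real vendors use their own formats and curves. The host pins only the vendor CA public key, so a counterfeit chip certified by someone else's CA, or an attacker replaying a captured response, is rejected.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// ChipCert stands in for the identity certificate a vendor provisions into each
// chip: serial, chip public key, and the vendor CA's signature over both.
// The layout is assumed for this example, not any vendor's real format.
type ChipCert struct {
	Serial [8]byte
	PubKey ed25519.PublicKey
	CASig  []byte
}

// Chip models the secure element: the private key never leaves it, and the
// only operation exposed to the host is signing a challenge.
type Chip struct {
	Cert ChipCert
	priv ed25519.PrivateKey
}

func mustKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// mustNonce returns a fresh 32-byte challenge; freshness is what defeats replay.
func mustNonce() []byte {
	n := make([]byte, 32)
	if _, err := rand.Read(n); err != nil {
		panic(err)
	}
	return n
}

// Domain-separated messages: a certificate signature can never be reused as a
// challenge response or vice versa.
func certTBS(serial [8]byte, pub ed25519.PublicKey) []byte {
	return append(append([]byte("chip-cert-v1|"), serial[:]...), pub...)
}
func challengeTBS(serial [8]byte, nonce []byte) []byte {
	return append(append([]byte("chip-auth-v1|"), serial[:]...), nonce...)
}

// ProvisionChip is the factory step: generate the per-chip key pair and have
// the vendor CA certify serial||pubkey.
func ProvisionChip(caPriv ed25519.PrivateKey, serial [8]byte) *Chip {
	pub, priv := mustKey()
	cert := ChipCert{Serial: serial, PubKey: pub}
	cert.CASig = ed25519.Sign(caPriv, certTBS(serial, pub))
	return &Chip{Cert: cert, priv: priv}
}

// SignChallenge binds the nonce to the chip's own serial, so a response cannot
// be transplanted onto a different certificate.
func (c *Chip) SignChallenge(nonce []byte) []byte {
	return ed25519.Sign(c.priv, challengeTBS(c.Cert.Serial, nonce))
}

// VerifyGenuine is the host side. It trusts only the pinned caPub, checks the
// vendor signature on the presented cert, then checks that the response to its
// own nonce was made with the certified key. The length check matters because
// ed25519.Verify panics on a malformed key, which a hostile cert could carry.
func VerifyGenuine(caPub ed25519.PublicKey, cert ChipCert, nonce, resp []byte) error {
	if len(cert.PubKey) != ed25519.PublicKeySize {
		return errors.New("certificate carries a malformed public key")
	}
	if !ed25519.Verify(caPub, certTBS(cert.Serial, cert.PubKey), cert.CASig) {
		return errors.New("certificate is not signed by the vendor CA")
	}
	if !ed25519.Verify(cert.PubKey, challengeTBS(cert.Serial, nonce), resp) {
		return errors.New("challenge response does not match the certified key")
	}
	return nil
}

// RunScenarios checks a genuine chip, a clone certified by a counterfeiter's
// own CA, and a replayed response; it reports whether each behaved as expected.
func RunScenarios() (genuineOK, cloneRejected, replayRejected bool) {
	caPub, caPriv := mustKey()                                        // vendor CA
	serial := [8]byte{0xA1, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08} // constructed serial
	chip := ProvisionChip(caPriv, serial)

	nonce := mustNonce()
	resp := chip.SignChallenge(nonce)
	genuineOK = VerifyGenuine(caPub, chip.Cert, nonce, resp) == nil

	_, fakeCAPriv := mustKey() // counterfeiter's CA: same serial, not trusted by the host
	clone := ProvisionChip(fakeCAPriv, serial)
	cloneRejected = VerifyGenuine(caPub, clone.Cert, nonce, clone.SignChallenge(nonce)) != nil

	// Attacker holds the genuine cert and a captured (nonce, resp) pair but not
	// the private key, and answers a fresh challenge with the old response.
	replayRejected = VerifyGenuine(caPub, chip.Cert, mustNonce(), resp) != nil
	return
}

func main() {
	g, c, r := RunScenarios()
	fmt.Printf("genuine accepted: %v, clone rejected: %v, replay rejected: %v\n", g, c, r)
}
```

What this check proves is narrow: the chip holds a private key whose public half the vendor certified, and it is answering right now. It says nothing about the firmware or silicon behind that key, which is exactly the gap the post's question about matching a chip to an open design points at. In practice the host must also protect the CA public key it pins, since an attacker who can swap it can certify anything.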
Published at 2025-05-27 17:14:51
Event JSON
{
"id": "c33c4978402b20d34906add4d3bf691becad33f7210751dae7a43f8fa2b8c94b",
"pubkey": "52b4a076bcbbbdc3a1aefa3735816cf74993b1b8db202b01c883c58be7fad8bd",
"created_at": 1748366091,
"kind": 1,
"tags": [
[
"e",
"b4c22f8266c34dc3b3b34e85590a5afd6814ef85bfedb50311670431eee14955",
"wss://puravida.nostr.land",
"root"
],
[
"e",
"5b09b3aeb1cefad488c11c5426dbe1f3818bcd74d82534c1f9938ff9cec9f3f7",
"wss://nos.lol/",
"reply",
"e217899785048ee15da66ab1c4633b8679d141e96c526017d5e7b1991ce584b9"
],
[
"p",
"922945779f93fd0b3759f1157e3d9fa20f3fd24c4b8f2bcf520cacf649af776d"
],
[
"p",
"6c5fbbb2ed7c3a8df0f17376ad38167bef90ad337d0cc46d26f0ca68620b9a71"
],
[
"p",
"e217899785048ee15da66ab1c4633b8679d141e96c526017d5e7b1991ce584b9"
],
[
"p",
"52b4a076bcbbbdc3a1aefa3735816cf74993b1b8db202b01c883c58be7fad8bd"
],
[
"client",
"noStrudel",
"31990:266815e0c9210dfa324c6cba3573b14bee49da4209a9456f9484e5106cd408a5:1686066542546"
]
],
"content": "To start, as both disclosure and a background, I have signed a mutual NDA with a large company that makes SEs. This does *not* include a non-disparagement clause, and what is covered by NDA is technical documentation.\n\n\u003e Not to mention (well, I guess I'm mentioning) the risks of a supply chain attack for the secure elements.\n\nThis depends on the secure element. The company that I work with, and many other reputable vendors, have strong countermeasures against supply chain attacks: \n- Each chip gets a unique key to identify it, that proves it is genuine\n- Production of chips is tightly monitored\n- Sensitive key material is stored in dedicated hardware only\nand so on.\n\nCheap SEs, like the ATECC series, to my knowledge do not do this.\n\n\u003e And at this point, secure elements are securing crazy amounts of money. So the temptation must be off the scale. \n\nIt has always been, even before Bitcoin. Passports, credit cards, other digital signature systems, etc.\n\nAnd yet, there are few attacks discovered in high-quality SEs. Almost none apply to real-world scenarios.\n\n\u003e Secure elements are closed-hardware\n\nThat is true. But the off-the-shelf MCUs are also closed hardware. Everything is closed hardware. Unfortunately, due to how the IC industry works, building a chip requires proprietary IP, and any company that gives it away is shooting themselves in the foot, really. \nEconomic incentives are very real, while the amount of protection open sourcing a SE is not. (how do you verify the chip you got equals the open source design?)\n\n\u003e Secure elements ... require NDAs\n\nThis will change.",
"sig": "a4119998b601a0a6f6c43b5607e951bd7d1dbf7cb935eb190ae7c06c0e4bcf3fc465b96128eb6d65d1c574efbc6b9db0927e29edcb7c49624c3b43d76c03c701"
}