To start, as both a disclosure and background: I have signed a mutual NDA with a large company that makes SEs. This does *not* include a non-disparagement clause, and what the NDA covers is technical documentation.
> Not to mention (well, I guess I'm mentioning) the risks of a supply chain attack for the secure elements.
This depends on the secure element. The company that I work with, and many other reputable vendors, have strong countermeasures against supply chain attacks:
- Each chip gets a unique key that identifies it and proves it is genuine
- Production of chips is tightly monitored
- Sensitive key material is stored in dedicated hardware only
and so on.
Cheap SEs, like the ATECC series, to my knowledge do not do this.
> And at this point, secure elements are securing crazy amounts of money. So the temptation must be off the scale.
It has always been, even before Bitcoin. Passports, credit cards, other digital signature systems, etc.
And yet, there are few attacks discovered in high-quality SEs. Almost none apply to real-world scenarios.
> Secure elements are closed-hardware
That is true. But the off-the-shelf MCUs are also closed hardware. Everything is closed hardware. Unfortunately, due to how the IC industry works, building a chip requires proprietary IP, and any company that gives it away is shooting themselves in the foot, really.
Economic incentives are very real, while the amount of protection open sourcing an SE provides is not. (How do you verify that the chip you got matches the open source design?)
> Secure elements ... require NDAs
This will change.
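As an added illustration of the first countermeasure in the list above (a per-chip key that proves the chip is genuine), here is a small Go attestation flow written for this page. It is not code from the commenter, from any SE vendor, or from any real product. It assumes a hypothetical design in which the vendor's production CA issues a certificate for each chip's on-die P-256 key, and a verifier that ships only the vendor root first checks the certificate chain and then has the chip sign a fresh nonce. A chip with a key the vendor never certified fails the chain check; a device that merely copied a genuine chip's certificate fails the challenge, which is why the certificate on its own proves nothing unless the key stays on-die. All names, serials and the CA subject are made up for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T { // demo shortcut: panic on setup errors
	if err != nil {
		panic(err)
	}
	return v
}

func newKey() *ecdsa.PrivateKey { return must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) }

// Chip is a toy secure element (assumed design, not any vendor's part): its key never leaves it.
type Chip struct {
	priv *ecdsa.PrivateKey
	Cert []byte // DER certificate the vendor issued for this chip's key at production time
}

// SignChallenge is the only operation the chip exposes: sign a verifier-supplied nonce.
func (c *Chip) SignChallenge(nonce []byte) []byte {
	d := sha256.Sum256(nonce)
	return must(ecdsa.SignASN1(rand.Reader, c.priv, d[:]))
}

// template builds a minimal leaf-certificate template with a random serial number.
func template(cn string) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber: must(rand.Int(rand.Reader, big.NewInt(1<<62))),
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(10 * 365 * 24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
}

// Vendor models the production CA that certifies each chip's unique key (hypothetical).
type Vendor struct {
	caKey  *ecdsa.PrivateKey
	caCert *x509.Certificate
	Roots  *x509.CertPool // all a verifier needs to ship: the vendor root
}

func NewVendor() *Vendor {
	caKey, t := newKey(), template("Example SE Vendor Production CA")
	t.IsCA, t.BasicConstraintsValid, t.KeyUsage = true, true, x509.KeyUsageCertSign
	caCert := must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, t, t, &caKey.PublicKey, caKey))))
	roots := x509.NewCertPool()
	roots.AddCert(caCert)
	return &Vendor{caKey: caKey, caCert: caCert, Roots: roots}
}

// ProvisionChip: a fresh on-die key plus a vendor-signed certificate binding it to the chip's serial.
func (v *Vendor) ProvisionChip(id string) *Chip {
	priv := newKey()
	der := must(x509.CreateCertificate(rand.Reader, template(id), v.caCert, &priv.PublicKey, v.caKey))
	return &Chip{priv: priv, Cert: der}
}

// CounterfeitChip: a key the vendor never certified, with a self-signed certificate of the same name.
func CounterfeitChip(id string) *Chip {
	priv, t := newKey(), template(id)
	return &Chip{priv: priv, Cert: must(x509.CreateCertificate(rand.Reader, t, t, &priv.PublicKey, priv))}
}

// ClonedCert: a device that copied a genuine chip's public certificate but could not extract its key.
func ClonedCert(genuine *Chip) *Chip { return &Chip{priv: newKey(), Cert: genuine.Cert} }

// Verify is the verifier side: chain to the vendor root, then proof of possession of the certified key.
func Verify(roots *x509.CertPool, chip *Chip) error {
	cert, err := x509.ParseCertificate(chip.Cert)
	if err != nil {
		return err
	}
	if _, err := cert.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}); err != nil {
		return fmt.Errorf("certificate not issued by the vendor: %w", err)
	}
	pub := cert.PublicKey.(*ecdsa.PublicKey) // chain passed, so this is a vendor-issued P-256 key
	nonce := make([]byte, 32)                // fresh every time, so a recorded signature cannot be replayed
	must(rand.Read(nonce))
	if d := sha256.Sum256(nonce); !ecdsa.VerifyASN1(pub, d[:], chip.SignChallenge(nonce)) {
		return fmt.Errorf("chip does not hold the private key its certificate names")
	}
	return nil
}

func main() {
	v := NewVendor()
	g := v.ProvisionChip("SE-000001")
	fmt.Println("genuine:    ", Verify(v.Roots, g))
	fmt.Println("counterfeit:", Verify(v.Roots, CounterfeitChip("SE-000001")))
	fmt.Println("cloned cert:", Verify(v.Roots, ClonedCert(g)))
}
```

Running it prints `<nil>` for the genuine chip and an error for the other two. The two checks are deliberately separate: the chain check answers "did the vendor certify this key?", and the signed nonce answers "is the device in front of me the one holding that key?". A real vendor scheme would add per-production-line intermediates and a way to revoke compromised lots, which this toy leaves out.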