Blockchain transactions are signed by private keys. Secure key storage and tamper-proof computers are essential requirements for deploying a trusted infrastructure. In this paper, we identify some threats against blockchain wallets and propose a set of physical and logical countermeasures to thwart them. We present the crypto terminal device, operating with a removable secure element, built on open software and hardware architectures, capable of detecting a cloned device or corrupted software. These technologies are based on tamper-resistant computing (javacard), smart card anti-cloning, smart card content attestation, application firewall, bare-metal architecture, remote attestation, dynamic Physical Unclonable Function (dPUF), and programming tokens as a root of trust.This paper is an extended version of the paper ''Innovative Countermeasures to Defeat Cyber Attacks Against Blockchain Wallets,'' 2021 5th Cyber Security in Networking Conference (CSNet), 2021, pp. 49-54, doi: 10.1109/CSNet52717.2021.9614649
翻译:区块链交易由私钥签名。安全的密钥存储和防篡改计算机是部署可信基础设施的基本要求。在本文中,我们识别了一些针对区块链钱包的威胁,并提出了一组物理和逻辑对策来阻止它们。我们提出了加密终端设备,该设备采用可移动的安全元件构建于开放软件和硬件架构之上,能够检测克隆设备或损坏软件。这些技术基于防篡改计算(Java卡)、智能卡防克隆、智能卡内容认证、应用程序防火墙、裸金属架构、远程认证、动态物理不可复制函数(dPUF)以及编程令牌作为根信任。本文是论文"Innovative Countermeasures to Defeat Cyber Attacks Against Blockchain Wallets, 2021 5th Cyber Security in Networking Conference (CSNet), 2021, pp. 49-54, doi: 10.1109/CSNet52717.2021.9614649"的扩展版。