Accenture wants to help businesses use blockchain technologies more securely by locking away the encryption keys they use to sign transactions.
It’s built a system that blockchain developers can use to store credentials in specialized cryptoprocessors called hardware security modules (HSMs).
HSMs are typically used by banks to store the PINs associated with payment cards or the credentials used to make interbank payments over the SWIFT network, and are much more secure than storing the credentials, even in encrypted form, on network-connected servers from where attackers could steal them.
The PINs or credentials never leave the HSMs, and their use within them is strictly controlled.
HSMs aren’t just for banks: You may even have one in your pocket. The “secure enclave” that Apple has put in iPhones from the 5s onwards operates along similar lines.
Integrating an HSM with a blockchain has been done before, according to Accenture, but not on a large scale. With its new system, the company hopes to make it easy for blockchain developers to incorporate HSMs.
Accenture’s proof of concept works with the nShield HSM developed by Thales e-Security and the Hyperledger Fabric blockchain software, but the company plans to extend the project to other commonly used HSMs and says it can be adapted to other blockchains.
Securely storing blockchain credentials is important — but becomes all the more so when they can be used to modify past transactions.
Blockchains are usually immutable shared public ledgers of transactions — but last September Accenture showed how to make permissioned blockchains editable given the right credentials. Permissioned blockchains are more common in banking environments, where access is controlled and all users can be vouched for. Permissionless blockchains like the one underlying the ledger of all bitcoin transactions need to be immutable because participation in them is open to anyone.