Cryptnox Docs

Secure Element Features

The Secure Element serves as the foundation of the card’s security model, designed to protect cryptographic materials and enforce all access control mechanisms within a tamper-resistant environment.

Security Certifications

The card operates on a Common Criteria EAL6+ certified Secure Element, providing one of the highest levels of assurance available for both hardware and embedded software.

All cryptographic primitives—AES, SHA, and RNG—are FIPS 140-2/3 compliant, ensuring interoperability and validated cryptographic strength.

The architecture is hardened against side-channel attacks (DPA/SPA) and fault injection attempts, safeguarding against both passive and active threats.

Memory & Isolation

Persistent data is stored in secure EEPROM, which is physically and logically isolated from the JavaCard operating system.

Hardware-level protections prevent unauthorized reads, and all write and erase operations include integrity verification routines.

This isolation also enforces non-exportability of private keys and seeds.

The hierarchical key derivation engine supports up to eight levels of depth, consistent with BIP32 and SLIP10 standards.

Key Management

Private keys and seeds never leave the Secure Element.

The card supports a dual-seed generation protocol, allowing two cards to securely generate and share identical seeds without ever exposing key material.

Independent key derivation trees exist for both secp256k1 and secp256r1 curves, enabling simultaneous use across blockchain and enterprise contexts.
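The eight-level depth limit and the per-curve derivation trees described above can be illustrated on the host side. This is an added example, not Cryptnox code: the function names are hypothetical, the master-key step follows the public SLIP-0010 specification rather than any documented card internals, and on the card this logic runs inside the Secure Element, where the seed stays.

```python
import hashlib
import hmac

MAX_DEPTH = 8            # depth limit stated on this page
HARDENED = 0x80000000    # BIP32 hardened-index bit

# SLIP-0010 HMAC key and group order n for each curve the page lists.
CURVES = {
    "secp256k1": (b"Bitcoin seed",
        0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141),
    "secp256r1": (b"Nist256p1 seed",
        0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551),
}

def parse_path(path):
    """Turn "m/44'/60'/0'/0/0" into BIP32 uint32 indexes, enforcing MAX_DEPTH."""
    parts = path.strip().split("/")
    if parts[0] != "m":
        raise ValueError("path must start at the master node 'm'")
    parts = parts[1:]
    if len(parts) > MAX_DEPTH:
        raise ValueError(f"depth {len(parts)} exceeds limit of {MAX_DEPTH}")
    indexes = []
    for part in parts:
        hardened = part[-1:] in ("'", "h")
        digits = part[:-1] if hardened else part
        if not digits.isdigit() or int(digits) >= HARDENED:
            raise ValueError(f"bad path component {part!r}")
        indexes.append(int(digits) | (HARDENED if hardened else 0))
    return indexes

def master_node(seed, curve):
    """SLIP-0010 master key generation: returns (private_key, chain_code)."""
    hmac_key, order = CURVES[curve]
    data = seed
    while True:
        digest = hmac.new(hmac_key, data, hashlib.sha512).digest()
        secret, chain_code = digest[:32], digest[32:]
        if 0 < int.from_bytes(secret, "big") < order:
            return secret, chain_code
        data = digest  # SLIP-0010: retry with the HMAC output as new input

# Constructed input: the public seed from BIP32 test vector 1 (never a real seed).
TEST_SEED = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
```

The same seed yields unrelated master keys for the two curves because the HMAC key differs, which is what keeps the trees independent.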

All cryptographic operations are gated by PIN-based authentication, with optional “pinless paths” available for predefined derivation slots where repeated authentication is not required.

Communication Security

Card communication is based on ISO7816 APDU exchanges using the T=1 protocol, with full support for extended-length APDUs.

A Secure Channel protocol, built on ECDH key exchange and AES-256 encryption, ensures the confidentiality and integrity of all exchanges.

Each session is mutually authenticated, protected with AES-256 CBC for encryption and AES-256 CMAC for integrity, and reinforced with nonce-based replay protection.

Hardware Random Number Generator

The integrated TRNG, compliant with AIS-20 Class DRG.3, provides entropy for all critical security operations including seed creation, keypair generation, and cryptographic session nonces.

This guarantees randomness at the hardware level, essential for maintaining cryptographic unpredictability.