What is EviSCP HSM?
EviSCP HSM is an acronym for “Evi Secure Communication Protocol Hardware Security Module”. It is a secure communication protocol that uses the EviCore HSM technology to manage all types of asymmetric keys, including OpenPGP. This technology allows the user to freely choose the type of algorithm he wants to use (RSA 1024, 2048, 3072, 4096 or ECC). The user can also import a pair of asymmetric keys that he already has, whether it is OpenPGP or not. This technology also allows the user to randomly generate a pair of asymmetric keys with a high degree of randomness.
EviSCP HSM transforms any existing communication protocol such as NFC, LAN, WAN, satellite, GSM, Wi-Fi, Bluetooth, into a secure communication channel between portable electronic devices (such as HSM smartphones, NFC HSM or other HSM or NFC HSM storage devices EviKey or EviDisk). This secure communication channel works without a server or a database of secrets, thus greatly improving security.
The principle of the secure communication channel is to create an encrypted tunnel between two parties wishing to communicate securely. This tunnel allows to establish a private and confidential connection, which cannot be intercepted or altered by third parties. The EviSCP protocol uses encryption and authentication keys generated randomly and stored in the NFC HSM or HSM multi-support devices, which are tamper-proof hardware security modules. These keys are used to encrypt and decrypt the data exchanged between the parties, as well as to verify their identity and integrity.
EviSCP HSM also uses the Zero Knowledge Proof (ZKP) protocol to prove the truthfulness of statements without revealing any information beyond the simple fact of the truth. The ZKP is a form of cryptography that allows one party (the prover) to prove to another party (the verifier) that a statement is true, without revealing any information beyond the simple fact of the truth of the statement. The ZKP must meet three criteria to be valid:
- Completeness: A ZKP protocol is said to be complete if, when the statement is true, the prover can always convince the verifier with a high probability.
- Soundness: A ZKP protocol is said to be sound if, when the statement is false, the prover cannot convince the verifier with a non-negligible probability.
- Zero knowledge: A ZKP protocol is said to be zero knowledge if the verifier learns no information other than the truthfulness of the statement.
EviSCP HSM uses ZKP to prove that the parties have the secret key segments necessary to access the encrypted data or the NFC HSM or HSM multi-support devices, without revealing these segments or the associated authentication factors. EviSCP HSM also uses ZKP to prove that the parties have the asymmetric keys necessary to establish the encrypted tunnel, without revealing these keys or the data exchanged. EviSCP HSM finally uses ZKP to prove that the NFC HSM or HSM multi-support devices are authentic and intact, without revealing their signature or their content.