PKCS#11 Key Attributes

Secubit’s HSM follows the PKCS#11 standard, which defines the API for key management, cryptographic operations, and key attributes. Key attributes in PKCS#11 specify how a key can be used (e.g., for signing, encryption, wrapping) and what operational or lifecycle constraints are enforced.

In Secubit’s architecture, the custom HSM code — called vault — runs inside the secure boundary of the HSM with privileged access to keys. The Secubit server connects to the HSM using PKCS#11 session APIs for authentication and communication, but it never calls the raw PKCS#11 cryptographic functions directly. Instead, it interacts with the higher-level Vault API, which abstracts complex operations such as wallet management, policy enforcement, Merkle tree validation, and transaction signing by enforcing user approval protection.

Because of this design, no external entity, including the Secubit server, needs to invoke the HSM’s native PKCS#11 cryptography APIs. As a result, all key attributes related to external usage — such as encrypt, decrypt, sign, verify, wrap, and unwrap — are set to false. This configuration ensures that keys cannot be misused by any party outside of the Vault. The keys exist and operate only within the Vault’s controlled logic, never being exposed to the application layer or to direct PKCS#11 operations.

In addition, all keys and objects in the HSM have the PKCS#11 private attribute set to true. This means that even the handles or metadata of these objects are not visible outside the HSM. If a server or application is compromised, the attacker cannot even enumerate or discover what keys exist inside the HSM, since the device will not reveal this information. Only the Vault, running internally, has the authority to reference and use these hidden objects.

This hardening has strong security implications. Even if the Secubit server were to be compromised and its credentials for establishing an HSM session were stolen, the attacker would be unable to exploit the PKCS#11 interface to misuse keys. The compromised server would still be blocked from modifying wallets or signing transactions, because those actions are exclusively authorized and executed by the Vault code inside the HSM.

By minimizing exposed key attributes, Secubit effectively reduces the attack surface of PKCS#11. The HSM enforces the principle of least privilege, allowing only the Vault to exercise cryptographic functions. This strict separation ensures that key material is never accessible to external software and that all sensitive operations remain confined to the tamper-resistant hardware boundary.