Abstract: A secure device comprises a secure computing environment (SCE) that stores one or more cryptographic secrets, such as private keys, and is able to receive input from secure input devices such as a keypad or smartcard interface and provide output to secure output devices such as a secure display. The SCE provides safeguards against remote and physical exploits, erasing or rendering unusable the secrets in the event of actual or suspected exploit, protecting the secrets from compromise. The SCE may digitally sign internally generated messages or messages from an external device such as a smartphone. Message signing conditions may be checked and satisfied in the SCE before a digitally signed message is generated. Messages may be automatically signed if they satisfy specified conditions. The secure device may be used as part of a multisignature scheme in which a plurality of private keys are used to create a digital signature.

Abstract: A secure device comprises a secure computing environment (SCE) that stores one or more cryptographic secrets, such as private keys, and is able to receive input from secure input devices such as a keypad or smartcard interface and provide output to secure output devices such as a secure display. The SCE provides safeguards against remote and physical exploits, erasing or rendering unusable the secrets in the event of actual or suspected exploit, protecting the secrets from compromise. The SCE may digitally sign internally generated messages or messages from an external device such as a smartphone. Message signing conditions may be checked and satisfied in the SCE before a digitally signed message is generated. Messages may be automatically signed if they satisfy specified conditions. The secure device may be used as part of a multisignature scheme in which a plurality of private keys are used to create a digital signature.