Hierophant uses hardware-protected keys by leveraging Trusted Execution Environments (TEEs) or equivalent secure hardware enclaves when data exchange is handled by microcontrollers. This approach is critical because software-only key protection is insufficient against sophisticated adversaries who may compromise the main operating system of a device. By isolating cryptographic keys and operations at the hardware level, Hierophant provides a foundational layer of security that is resistant to a wide range of attacks, including malware, rootkits, and even strong physical tampering attempts.
In Hierophant's architecture, all cryptographic keys are managed exclusively within the TEE of a user's device, such as a smartphone or laptop, or within dedicated security chips on microcontrollers. These keys never leave this secure, isolated environment in plaintext form.
Crucially, all sensitive cryptographic operations, specifically the encryption and decryption of messages, are performed only inside the TEE. The main operating system and other applications on the device have no direct access to the keys, nor do they perform these cryptographic functions themselves. Instead, data to be encrypted is passed into the TEE, processed within it, and the resulting ciphertext is passed back out. Similarly, ciphertext to be decrypted is passed into the TEE, which verifies and decrypts it and releases the plaintext only to the authorized application component, and only when release is permitted.
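The boundary described above can be modelled in software to make the contract concrete: the key is generated and held inside an enclave type, host code only ever hands plaintext in and receives ciphertext back (or the reverse), and plaintext is released only to a caller the enclave recognises as authorized. The following Go program is an added illustration written for this page, not Hierophant's own code; the Enclave type, the authorized-component list, the AES-GCM choice and the "messaging-ui" component name are all assumptions made for the example, and a real TEE would back the key with hardware rather than a process-local field.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Enclave models the TEE boundary. The key is an unexported field that only
// the enclave's own methods can reach; host code receives a handle, never key
// bytes. (Assumption for this example: a real TEE would keep the key in
// hardware-isolated memory and expose only these operations.)
type Enclave struct {
	key        []byte      // never leaves the enclave in plaintext
	aead       cipher.AEAD // AES-256-GCM instance built from key
	authorized map[string]bool
}

// NewEnclave generates a key inside the enclave and records which application
// components may receive decrypted plaintext.
func NewEnclave(authorized []string) (*Enclave, error) {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	e := &Enclave{key: key, aead: aead, authorized: map[string]bool{}}
	for _, name := range authorized {
		e.authorized[name] = true
	}
	return e, nil
}

// Encrypt takes plaintext across the boundary and returns nonce||ciphertext||tag.
// The caller never sees the key; it only gets ciphertext back.
func (e *Enclave) Encrypt(plaintext, aad []byte) ([]byte, error) {
	nonce := make([]byte, e.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return e.aead.Seal(nonce, nonce, plaintext, aad), nil
}

// Decrypt verifies and decrypts inside the enclave. Plaintext is released only
// to an authorized component; any other caller, and any tampered message,
// gets an error and no data.
func (e *Enclave) Decrypt(caller string, msg, aad []byte) ([]byte, error) {
	if !e.authorized[caller] {
		return nil, errors.New("enclave: caller not authorized to receive plaintext")
	}
	ns := e.aead.NonceSize()
	if len(msg) < ns+e.aead.Overhead() {
		return nil, errors.New("enclave: message too short")
	}
	return e.aead.Open(nil, msg[:ns], msg[ns:], aad)
}

// HostRoundTrip models the untrusted OS side: it handles ciphertext and the
// plaintext it is authorized for, and nothing else.
func HostRoundTrip(e *Enclave, component string, msg []byte) ([]byte, error) {
	ctx := []byte("hierophant-example-v1") // constructed AAD label for the example
	ct, err := e.Encrypt(msg, ctx)
	if err != nil {
		return nil, err
	}
	return e.Decrypt(component, ct, ctx)
}

func main() {
	e, err := NewEnclave([]string{"messaging-ui"})
	if err != nil {
		panic(err)
	}
	pt, err := HostRoundTrip(e, "messaging-ui", []byte("constructed sample message"))
	fmt.Printf("authorized component: %q, err=%v\n", pt, err)
	_, err = HostRoundTrip(e, "unknown-process", []byte("constructed sample message"))
	fmt.Printf("unauthorized caller: err=%v\n", err)
}
```

The two things worth noticing are that nothing outside the Enclave type can read the key field, so a compromised host can at most ask the enclave to encrypt or decrypt on its behalf, and that the authenticated mode makes the enclave refuse, rather than silently decrypt, any ciphertext that has been altered in transit.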
This hardware-enforced segregation ensures that even if the device's primary operating system is compromised, the cryptographic keys remain confidential and their integrity is maintained. The TEE acts as a secure vault and a protected processing unit, ensuring that the core of Hierophant's security, its cryptographic guarantees, is anchored in hardware and so provides a defense against advanced threats.