Hardware Key Operations

Perform secure signing and encryption using hardware-backed private keys.

Overview

GetTrusted leverages Secure Enclave (Apple) and StrongBox (Android) to generate and store non-exportable private keys. All cryptographic operations (signing, decryption) happen inside hardware, ensuring the private key is never exposed.

Process Flow

Cryptographic Summary

Component

Platform

Algorithm

Key Size

Exportable

Notes

Secure Enclave

iOS/macOS

ECDSA P-256

256 bit

❌

Biometric-protected

StrongBox

Android

ECDSA P-256

256 bit

❌

Biometric-protected

Signing

SHA256withECDSA

256 bit

N/A

In-hardware execution

Encryption

AES-GCM

256 bit

N/A

Session encryption

Security Guarantees

Private keys are generated and remain inside secure hardware.
Biometric gates prevent unauthorized use.
Hardware attestation ensures key provenance.
Keys persist securely across app reinstalls but cannot be extracted.

Strategic Implications

GetTrusted’s hardware integration makes cryptographic identity human-verifiable and hardware-rooted. Even physical compromise typically cannot reveal secrets security extends from silicon to software.

PreviousSDK Implementation Overview NextLocal Data Encryption

Last updated 5 months ago

hashtagOverview

hashtagProcess Flow

hashtagCryptographic Summary

hashtagSecurity Guarantees

hashtagStrategic Implications

Overview

Process Flow

Cryptographic Summary

Security Guarantees

Strategic Implications