1. Introduction
This article outlines the hardware and infrastructure components used during the Proof-of-Concept (POC) phase of Virifi's Solution Proposal for the CBJ Digital Signature Challenge. It also explains several critical design choices made to ensure compliance, security, and operational integrity.
2. Hardware and Infrastructure Used During the POC
The following hardware was deployed and configured during the POC:
| Hardware/Component | Purpose |
|---|---|
| Intel NUC i3 | Lightweight compute node for backend services and test automation. |
| HP Pro Mini G400 | Secondary server for SDK, backend, and mobile integration tests. |
| Swissbit iShield HSM (on-premise) | Hardware Security Module (HSM) for key generation and signing; private keys are generated and used inside the module and never exported. |
| Securosys Cloud HSM | Cloud-based HSM sandbox (SBX) environment for key management and remote signing. |
| YubiKey 5 FIPS | FIPS 140-2 validated security key, used as the FIDO2/WebAuthn authenticator in the signing demonstrations. |
| Fortigate F70 | Firewall for network perimeter protection and VPN access control. |
| Fiber connection and WiFi | High-speed internet for stable system connectivity and remote demonstrations. |
| iPhones (iOS 18+) | Testing of the iOS SDK, Secure Enclave integration, and mobile signature workflows. |
| Samsung Android phones (Android 14+) | Testing of the Android SDK, hardware-backed Android Keystore integration, and mobile signing flows. |
| Web browsers (Safari, Edge, Chrome) | Testing of the Web SDK integration, mutual TLS authentication, and signing flows in the major desktop environments. |
| Various Mac, Windows 11, and Ubuntu machines | General testing. |
3. Security and Authentication Design Choices
3.1 Opting Out of SMS OTP Authentication
Virifi's Solution Proposal intentionally avoids SMS-based One-Time Password (OTP) authentication because of its well-documented weaknesses, as outlined by Okta and other industry sources:
SIM swapping and interception: An attacker who ports the victim's phone number to a SIM they control, or who can intercept SMS traffic, receives the victim's codes.
Device loss or message sync: Codes are delivered to a messaging app, so they are readable on any lost device or on any other device the messages sync to.
Carrier account takeover: Weakly protected wireless carrier accounts can be used to set up call or SMS forwarding and intercept codes without touching the victim's phone.
Social engineering: Phishing sites and phone calls can trick users into revealing a code, which the attacker then replays while it is still valid; an SMS code is not bound to the site or transaction it was meant for.
Cost and operational risk: SMS delivery carries a per-message cost, depends on carrier availability, and gives no cryptographic assurance that the code reached the intended person.
NIST SP 800-63B likewise classifies OTPs delivered over the public telephone network (SMS or voice) as a restricted authenticator type.
Instead, Virifi emphasizes the use of:
Hardware-backed key storage (iOS Secure Enclave; Android Keystore backed by the TEE or StrongBox), so that the user's signing and authentication keys cannot be extracted from the device.
FIDO2/WebAuthn authentication (demonstrated with the YubiKey 5 FIPS), which is phishing-resistant because the authenticator's signed assertion is bound to the relying party's origin and cannot be replayed to another site.
Mutual TLS (mTLS) with CBJ-issued client certificates for device and service authentication.
Each of these mechanisms ties authentication to a private key held in hardware rather than to a shared secret sent over a third-party channel, which gives a significantly higher assurance level for user and system authentication.
4. Design Decision: Private Blockchain Consideration
While private blockchain solutions were initially evaluated, they were ultimately excluded from the POC architecture.
Reasons for this decision include:
Data-protection compliance challenges: Blockchain immutability conflicts with the GDPR rights to rectification and erasure (Articles 16 and 17), and eIDAS already provides the evidential properties a ledger would offer (signatures, qualified timestamps, and validation data) through regulated trust services.
Complexity vs. value: A blockchain would add a second trust framework on top of the one already established by the CBJ PKI without strengthening it.
Operational overhead: Operating private blockchain nodes would introduce scalability, key-management, and auditing burdens beyond what CBJ's trust model requires.
Instead, Virifi relies entirely on standard PKI trust anchors, OCSP/CRL revocation checking, and RFC 3161 timestamp authorities (TSAs) operating under CBJ's policies.
5. Design Decision: Use of EU DSS Library
Virifi's Solution Proposal uses the EU DSS (Digital Signature Services) Java library, maintained by the European Commission, for the critical signing and validation operations. This decision was made to:
Maximize standards compliance: EU DSS implements the ETSI AdES signature formats required under eIDAS (PAdES, XAdES, CAdES, JAdES).
Support long-term validation (LTV): EU DSS produces and validates the baseline profiles B-B, B-T, B-LT, and B-LTA required by CBJ; the LT and LTA levels embed the certificate chain, revocation data, and timestamps so that a signature remains verifiable after the signing certificate expires or is revoked.
Accelerate certification: EU DSS is widely used by European trust service providers and validation services, which reduces audit friction.
Ensure interoperability: Signatures validate seamlessly against the third-party validators used by CBJ and affiliated institutions.
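The following is an added example, not code from the proposal or from the DSS project itself, showing how the trust anchor, OCSP/CRL sources, and TSA of section 4 feed into a PAdES B-LTA signature and its validation with EU DSS. It assumes the DSS 5.x/6.x API (`eu.europa.esig.dss.*`), that the on-premise HSM is reachable through a PKCS#11 module, and placeholder values for the module path, slot, PIN, TSA URL, and root CA file; all of these are assumptions to be replaced with the POC's own values.

```java
// Added example (not Virifi's or DSS's own code). Placeholder values below are assumptions.
import java.io.File;
import java.security.KeyStore;
import java.util.List;

import eu.europa.esig.dss.enumerations.DigestAlgorithm;
import eu.europa.esig.dss.enumerations.Indication;
import eu.europa.esig.dss.enumerations.SignatureLevel;
import eu.europa.esig.dss.model.DSSDocument;
import eu.europa.esig.dss.model.FileDocument;
import eu.europa.esig.dss.model.SignatureValue;
import eu.europa.esig.dss.model.ToBeSigned;
import eu.europa.esig.dss.pades.PAdESSignatureParameters;
import eu.europa.esig.dss.pades.signature.PAdESService;
import eu.europa.esig.dss.service.crl.OnlineCRLSource;
import eu.europa.esig.dss.service.http.commons.TimestampDataLoader;
import eu.europa.esig.dss.service.ocsp.OnlineOCSPSource;
import eu.europa.esig.dss.service.tsp.OnlineTSPSource;
import eu.europa.esig.dss.simplereport.SimpleReport;
import eu.europa.esig.dss.spi.DSSUtils;
import eu.europa.esig.dss.spi.x509.CommonTrustedCertificateSource;
import eu.europa.esig.dss.token.DSSPrivateKeyEntry;
import eu.europa.esig.dss.token.Pkcs11SignatureToken;
import eu.europa.esig.dss.token.PrefilledPasswordCallback;
import eu.europa.esig.dss.validation.CommonCertificateVerifier;
import eu.europa.esig.dss.validation.SignedDocumentValidator;
import eu.europa.esig.dss.validation.reports.Reports;

public final class PadesLtaExample {

    // Assumed placeholders: adjust to the HSM, TSA and CA actually used in the POC.
    static final String PKCS11_MODULE = "/usr/lib/hsm/libpkcs11.so"; // HSM vendor's PKCS#11 module
    static final int    PKCS11_SLOT   = 0;
    static final char[] PKCS11_PIN    = "123456".toCharArray();
    static final String TSA_URL       = "https://tsa.example/tsa";     // RFC 3161 timestamp authority
    static final File   ROOT_CA_FILE  = new File("root-ca.cer");        // the only trust anchor

    /** Verifier shared by signing (collects LT/LTA data) and validation. */
    static CommonCertificateVerifier buildVerifier() {
        CommonTrustedCertificateSource trusted = new CommonTrustedCertificateSource();
        trusted.addCertificate(DSSUtils.loadCertificate(ROOT_CA_FILE));
        CommonCertificateVerifier verifier = new CommonCertificateVerifier();
        verifier.setTrustedCertSources(trusted);        // trust only the configured root, not the JVM store
        verifier.setOcspSource(new OnlineOCSPSource()); // OCSP is tried first
        verifier.setCrlSource(new OnlineCRLSource());   // CRL as fallback
        return verifier;
    }

    /** Signs a PDF at PAdES B-LTA level with the first private key found in the HSM slot. */
    static DSSDocument signLta(DSSDocument pdf) {
        PAdESService service = new PAdESService(buildVerifier());
        OnlineTSPSource tsp = new OnlineTSPSource(TSA_URL);
        tsp.setDataLoader(new TimestampDataLoader()); // sends the RFC 3161 request content type
        service.setTspSource(tsp);                    // required for the -T, -LT and -LTA levels

        try (Pkcs11SignatureToken token = new Pkcs11SignatureToken(PKCS11_MODULE,
                new PrefilledPasswordCallback(new KeyStore.PasswordProtection(PKCS11_PIN)), PKCS11_SLOT)) {
            List<DSSPrivateKeyEntry> keys = token.getKeys();
            if (keys.isEmpty()) throw new IllegalStateException("no key in PKCS#11 slot " + PKCS11_SLOT);
            DSSPrivateKeyEntry key = keys.get(0);

            PAdESSignatureParameters params = new PAdESSignatureParameters();
            params.setSignatureLevel(SignatureLevel.PAdES_BASELINE_LTA);
            params.setDigestAlgorithm(DigestAlgorithm.SHA256);
            params.setSigningCertificate(key.getCertificate());
            params.setCertificateChain(key.getCertificateChain());

            // Only the digest is handed to the HSM; the private key never leaves the module.
            ToBeSigned toBeSigned = service.getDataToSign(pdf, params);
            SignatureValue sig = token.sign(toBeSigned, params.getDigestAlgorithm(), key);
            // Embeds the signature, a signature timestamp (-T), the chain and OCSP/CRL
            // responses (-LT) and a document timestamp over all of it (-LTA).
            return service.signDocument(pdf, params, sig);
        }
    }

    /** True only for a TOTAL_PASSED signature at the expected level; INDETERMINATE is a failure. */
    static boolean isValidAtLevel(DSSDocument signed, SignatureLevel expected) {
        SignedDocumentValidator validator = SignedDocumentValidator.fromDocument(signed);
        validator.setCertificateVerifier(buildVerifier());
        Reports reports = validator.validateDocument();
        SimpleReport simple = reports.getSimpleReport();
        String id = simple.getFirstSignatureId();
        return simple.getIndication(id) == Indication.TOTAL_PASSED
                && simple.getSignatureFormat(id) == expected;
    }

    public static void main(String[] args) throws Exception {
        DSSDocument signed = signLta(new FileDocument("contract.pdf")); // placeholder input
        signed.save("contract-signed-lta.pdf");
        System.out.println("valid B-LTA: " + isValidAtLevel(signed, SignatureLevel.PAdES_BASELINE_LTA));
    }
}
```

Two practical checks follow from this arrangement. First, DSS refuses to build the LT level if OCSP or CRL data cannot be obtained for every certificate in the chain (including the TSA's), so the firewall rules in the POC must allow outbound access to those endpoints from the signing host. Second, validation must treat `INDETERMINATE` as a rejection rather than a pass: it is the indication DSS returns when, for example, revocation data is missing or the signing certificate chains to a root outside the configured trust source.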
6. Summary
Virifi's Solution Proposal leverages secure, standards-compliant infrastructure components, authentication mechanisms, and design philosophies that align closely with CBJ regulatory requirements. Critical technology decisions were made to prioritize security, interoperability, and future-proof compliance throughout the POC and production deployments.
