EPWN3D 7 hours ago

Nothing. But if the keys weren't stored in an HSM (seems likely), attackers getting one of them implies they could get the others as well.

firesteelrain 5 hours ago | parent [-]

HSM or TPM?

EPWN3D 2 minutes ago | parent | next [-]

The story implies that these are signing keys, so there is no reason for the private halves to be present in the product's silicon in any form. If these were encryption keys stored in a TPM, they'd have been extracted, not leaked.

wolvoleo 4 hours ago | parent | prev | next [-]

A TPM is a form of HSM (Hardware Security Module).

HSMs come in all sizes, from a chip in your phone (secure element) or even a dedicated part of a SoC chip, to a big box in a datacenter that can handle tons of requests per second.

The idea is having dedicated hardware to protect the private key material. This hardware can execute signing operations, so it can use the key but it can't share the key material itself. It is usually also physically hardened against techniques to extract said keys, like side-channel attacks based on power draw, X-ray inspection, decapping etc.
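The "use the key but never share it" boundary described above is, in software terms, an interface that exposes only `Public()` and `Sign()`. The following Go program is an added illustration, not code from the thread or from any product mentioned in it: `hsmSigner` is a constructed in-process stand-in for a hardware key handle, the `signArtifact` and `verifyArtifact` helpers are hypothetical names, and the sample artifact bytes are made up. The point it demonstrates is that code written against Go's standard `crypto.Signer` interface never touches private key bytes, which is exactly what lets a real HSM- or TPM-backed key (for example through a PKCS#11 wrapper) replace the in-memory one without changing the pipeline.

```go
package main

import (
	"crypto"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// hsmSigner is a constructed stand-in for an HSM-backed key handle.
// The private key lives only inside this struct; there is deliberately
// no Export method, so callers can request signatures but never the key.
type hsmSigner struct {
	priv ed25519.PrivateKey
	pub  ed25519.PublicKey
	uses int // audit counter: every signing request is counted
}

// Compile-time check that the handle satisfies the standard interface
// that HSM/TPM wrappers also implement.
var _ crypto.Signer = (*hsmSigner)(nil)

// newHSMSigner generates the key pair "inside the module", mirroring how
// a real HSM generates keys on-device so the private half never leaves it.
func newHSMSigner() (*hsmSigner, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &hsmSigner{priv: priv, pub: pub}, nil
}

// Public returns only the public half, the only key material that
// ever crosses the boundary.
func (s *hsmSigner) Public() crypto.PublicKey { return s.pub }

// Sign performs the operation on the caller's behalf and returns a
// signature, never the key. Ed25519 signs the whole message itself,
// so a pre-hash option is rejected.
func (s *hsmSigner) Sign(_ io.Reader, msg []byte, opts crypto.SignerOpts) ([]byte, error) {
	if opts != nil && opts.HashFunc() != crypto.Hash(0) {
		return nil, errors.New("ed25519: message must be passed unhashed")
	}
	s.uses++
	return ed25519.Sign(s.priv, msg), nil
}

// Uses returns the audit counter. Because the key cannot be copied,
// a per-request log like this is how misuse of the key would be noticed.
func (s *hsmSigner) Uses() int { return s.uses }

// signArtifact is what a release pipeline would call. It depends only
// on crypto.Signer, so it works unchanged with a hardware-backed key.
func signArtifact(k crypto.Signer, artifact []byte) ([]byte, error) {
	return k.Sign(rand.Reader, artifact, crypto.Hash(0))
}

// verifyArtifact checks a signature against the public half only.
func verifyArtifact(pub crypto.PublicKey, artifact, sig []byte) bool {
	p, ok := pub.(ed25519.PublicKey)
	return ok && ed25519.Verify(p, artifact, sig)
}

func main() {
	k, err := newHSMSigner()
	if err != nil {
		panic(err)
	}
	artifact := []byte("firmware-v1.2.3.bin (constructed sample payload)")
	sig, err := signArtifact(k, artifact)
	if err != nil {
		panic(err)
	}
	tampered := append([]byte{}, artifact...)
	tampered[0] ^= 0x01
	fmt.Println("signature valid:         ", verifyArtifact(k.Public(), artifact, sig))
	fmt.Println("tampered artifact valid: ", verifyArtifact(k.Public(), tampered, sig))
	fmt.Println("signing requests logged: ", k.Uses())
}
```

Everything that needs the private key happens inside `hsmSigner.Sign`; the rest of the program only ever holds a signature and a public key, which is the property the comment above is describing.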

firesteelrain 2 hours ago | parent [-]

Thanks - I know the difference

This also sounds very AI-like

wolvoleo an hour ago | parent [-]

I'm not AI and I didn't use it for that, I just thought it was a genuine question and tried to explain it clearly :)

I don't really get why anyone would let an AI put random comments on discussions anyway but that's another story.

tosti 4 hours ago | parent | prev [-]

Hypothetically Secure Memory

(I guess)