Skip to content
Banner Blogpost: Reclaim Digital Autonomy

Reclaim Digital Autonomy

07 February 2022| doi: 10.5281/zenodo.5931448

In today’s digital age, all of us depend on a number of large companies to mean well with us: to guard our data, or at least to not abuse it too much without asking. Even if we wanted, we cannot take things into our own hands and reclaim our digital autonomy because too much depends on too many system operators. To help small-time users and sysadmins to fight this dependence, Jan Götte and Björn Scheuermann from HIIG have developed Inertial Hardware Security Modules, or IHSMs. IHSM-equipped low-budget servers provide high security even outside of well-protected data centers and enable us to regain our Digital Autonomy.

Digital Dependencies

The rise of networked computers has revolutionized many aspects of our modern lives. However, in lock-step with all the quality of life improvements that the internet brought us, today we can observe a worrying trend of increasing digital dependency. ”Opting out” of the digital life on social media or e-commerce platforms becomes increasingly difficult to sustain. At the same time the power of these platforms over their users is steadily increasing. Anyone who has ever had their Twitter or Facebook account suspended for an alleged Terms of Service violation or who has been locked out of their Google or Amazon account will know how acute this dependency and lack of digital autonomy is. What the platform decides is law and therefore we have to accept complicated and frustrating “account verification” processes for unnamed “security reasons” There is no way for us as users to meaningfully challenge its decisions because we are the platform’s product, not its customers.

Do it Yourself

With policy solutions to this issue still being in the distant future, the next-best approach would be technical, in order to take things into our own hands. On this premise, open-source projects such as Nextcloud and Mastodon have created de-centralized alternatives to some of the big platforms. Open-source software has great potential, but DIY’ing has a drawback beyond the time spent on installing and maintaining these solutions. While open-source software has made great strides over the last decades and offers viable alternatives to many proprietary, centralized platforms today, this software still has to run on someone’s computer. This underlying physical infrastructure is where things get complicated. Today, the only real option to run one’s own digital infrastructure is to rent a server (or part of one) from one of a number of large cloud providers. And in this case, whoever runs the data center ultimately controls access to the data stored within.

At first, this fact of life might not seem concerning. After all, a data center operator would risk a lot if it compromised its customers’ security. However, in the past we have seen several physical attacks targeting high-value data (Example). Large companies can mitigate such attacks by tightly controlling their entire infrastructure, from the application software down to the data center’s access control systems. For smaller organizations and private individuals, this option does not exist. If we cannot even escape reliance on these large cloud providers if we run our own open-source software, the question becomes what we have really gained through our efforts.

Inertial Hardware Security Modules – first steps towards digital autonomy

At HIIG, Björn and I have asked ourselves if there might be ways to claw back control over our hardware in order to build a solid foundation for a decentralized software ecosystem.  If we can find a way thatsomeone much smaller than an Amazon or Google can build a special physically secure server that is invulnerable to physical attacks, this server can be put into any commercial data center. At the same time it is completely decoupling the security of the data stored in it from the operator of the data center around it.

With Inertial Hardware Security Modules (short, IHSMs) we believe we have developed a promising approach towards this problem. You can read the full paper here. The gist of our solution is that we are able to build an enclosure that physically protects a server from any attempt at siphoning off its secrets, no matter who tries to attack it. IHSMs are similar to a type of device used in payment processing applications called Hardware Security Modules. Both provide a similar level of security. The main difference is that IHSMs allow much larger systems to be protected and bump both size and computing power from that of a smartphone to that of a server. This is a difference of about factor 100 in space, processing power and cooling capacity. IHSMs are simple to construct and can be built with basic tools that can be found in most electronic labs.

IHSMs work by putting the server’s mainboard, CPU, and memory inside of a tamper detection “mesh”. This mesh is a very delicate component that will sense when someone tries to cut, drill or poke through it. When tampering is detected, an alarm is activated and all sensitive data inside the server is securely deleted. To make the tamper detection mesh itself hard to tamper with, this mesh is spinning at around the speed of a washing machine during its spin cycle.

Trusting and Un-trusting

In computer security terms, what we are doing with IHSMs is that we are “untrusting” the server’s physical environment. Computer security has a rather remarkable definition of trust that is pretty much the opposite of all the others. In computer security, trust is a de-facto property of something that we rely on as being good. In computer security, something trusted should be trustworthy (but does not have to be). Contrast that to the common-sense meaning, where something trustworthy should be trusted (but does not have to be).

Untrusting the data center gives us the chance to decouple software security from physical security. Using an IHSM, a comparably small organization such as the HIIG, the Chaos Computer Club, or a small company can operate software on a physical foundation that is as secure as that of the large cloud companies. With the benefit that no one but themselves holds the keys to the data.

Examples for applications where this increased security matters are group chats, cloud photo storages, and calendar and contact synchronization systems. All of these already encrypt the network connection between their user’s phone or laptop and the server, but only rarely encrypt the actual data stored on these servers.

Digital autonomy through your own secure servers

We envision a world where small organizations can gain digital autonomy by building their own secure servers that even a hostile secret service will not be able to compromise physically. As a first step towards this world, our paper is open access, and we have applied the principles of open-source hardware. All of our code and CAD models are available through git.


Our full paper introducing Inertial Hardware security Modules has been published at TCHES 22’1. You can download it for free here at the publisher’s website.

This post represents the view of the author and does not necessarily represent the view of the institute itself. For more information about the topics of these articles and associated research projects, please contact info@hiig.de.

Jan Sebastian Götte

Associated Researcher: Data, Actors, Infrastructure

Sign up for HIIG's Monthly Digest

and receive our latest blog articles.

Man sieht in Leuchtschrift das Wort "Ethical"

Digital Ethics

Whether civil society, politics or science – everyone seems to agree that the New Twenties will be characterised by digitalisation. But what about the tension of digital ethics? How do we create a digital transformation involving society as a whole, including people who either do not have the financial means or the necessary know-how to benefit from digitalisation?  And what do these comprehensive changes in our actions mean for democracy? In this dossier we want to address these questions and offer food for thought on how we can use digitalisation for the common good.

Discover all 11 articles

Further articles

Is the new EU directive for sustainability in AI a toothless paper tiger or a sharp and hungry lion?

A lion for sustainable AI: How to support a new standard for sustainability reporting?

The Sustainability of AI is missing proper standards. EU's CSRD might be a new directive. But is it a toothless paper tiger or a sharp lion?

EU-Kodex gegen Hack and Leak

The EU’s Regulatory Awakening? Hack-and-Leak Operations in the new EU Code on Disinformation

Digital Policy: The new EU Code on Disinformation might bring an end to platform’s arbitrary handling of hack-and-leak

Sustainable AI – How environmentally friendly is AI really?

Sustainable AI is becoming increasingly important. But how sustainable are AI models really?