Don’t base your security on a fixed secret, in other words don’t use Public Key Cryptography (PKI) – someone will know the private key and you can be compromised and not know about it.

Exhibit 1: Dell’s recent debacle:

http://www.computerworld.com/article/3007981/security/what-you-need-to-know-about-dells-root-certificate-security-debacle.html 

Exhibit 2: U2F /Fido Authentication is based on the attestation key being secret- if not than clones proliferate and security is reduced to password security!

https://fidoalliance.org/specs/fido-u2f-v1.0-ps-20141009/fido-u2f-overview-ps-20141009.html

CASQUE SNR does not use PKI