[Cryptech Tech] Fwd: Question regarding Trusted Path Authentication

Leif Johansson leifj at sunet.se
Wed Dec 17 06:03:23 UTC 2014


On 12/17/2014 06:20 AM, Randy Bush wrote:
> From: Tomofumi Okubo <tomokubo at verisign.com>
> Subject: Question regarding Trusted Path Authentication
> To: Randy Bush <randy at psg.com>
> Date: Tue, 16 Dec 2014 21:18:02 +0000
> 
> Dear Randy,
> 
> Thank you very much for the talk today. It was exciting!
> I now see a tremendous possibility in the open design HSM project.
> 
> The question I had during the session is regarding the Trusted Path
> Authentication.

This matches my personal experience with some HSM platforms. During our
initial scoping exercises (esp. at the first IETF bof in Vancouver) the
need for "M-by-N" in some form was identified by several people.

> 
> This is popular for HSM usage in military, financial institutions and
> commercial CAs. They use Trusted Path Authentication to split the
> authority to access the HSM. During the initialization of the HSM,
> multiple credentials are created using the secret sharing scheme so that
> it requires M out of N people to perform an operation on the HSM. Per
> FIPS140, this does not necessarily have to use physical credentials so it
> shouldn't be too messy to implement.
> 
> I'd like to see a future that everybody who needs an HSM can buy an HSM at
> a reasonable price. Not just an HSM but a good one. It would be nice to see
> someone manufacture a clean implementation of the open design HSM and get
> certified by the various bodies and then sell it at a significantly lower
> price.
> 
> Just my two cents.
> 
> Thanks and best regards,
> Tomofumi Okubo
> 
> Sr. Engineer, Applied Security
> Verisign, Inc.
> 12061 Bluemont Way Reston, VA 20190
> +1-571-446-1834 (mobile)
> 



