[Cryptech Tech] Fwd: Question regarding Trusted Path Authentication

Leif Johansson leifj at sunet.se
Thu Dec 18 07:58:09 UTC 2014


On 12/18/2014 05:21 AM, Peter Gutmann wrote:
> Randy Bush <randy at psg.com> quotes Tomofumi Okubo <tomokubo at verisign.com>:
> 
>> The question I had during the session is regarding the Trusted Path 
>> Authentication.  This is popular for HSM usage in military, financial 
>> institutions and commercial CAs. They use Trusted Path Authentication to 
>> split the authority to access the HSM. During the initialization of the 
>> HSM, multiple credentials are created using the secret sharing scheme so that 
>> it requires M out of N people to perform an operation on the HSM. Per 
>> FIPS140, this does not necessarily have to use physical credentials so it 
>> shouldn't be too messy to implement.
> 
> It's actually really, really hard to implement, hard to document, and hard to 
> use.  I use this in my book as an example of something that seems quite simple 
> (and desirable to have as a feature) until you start thinking about it, and 
> then the more you think about it the harder it gets.  If you don't believe me, 
> sit down and write out the API required, the data formats, the order and form 
> in which the API is called to set things up, the user interface both for when 
> things go right and when they go wrong, the procedures required to use it, and 
> so on.
> 
> This is a feature that can go on the wishlist if required, but a long, long 
> way down.
> 

Just curious: what is the bcp m-b-n scheme folks implement... is it
still Shamir's?

	Cheers Leif



