[Cryptech Tech] Restricting FPGA signing
Basil Dolmatov
dol at reedcat.net
Sun Feb 1 06:42:28 UTC 2015
31 янв. 2015 г., в 17:30, Jakob Schlyter <jakob at kirei.se> написал(а):
> On 31 jan 2015, at 09:37, Basil Dolmatov <dol at reedcat.net> wrote:
>>
>> I would not go that way...
>> Resource-consuming "Security Theatre" © with no threats mitigating.
>
> I do not agree.
>
> At some point we want the HSM to sign only things it can parse and that is compliant with the configured policy. The restricted mode I described is half of this (the other half is the inspection code in the ARM). One threat mitigated is the compromised host signing things valid in the future.
If HSM parses input and checks it against some policies, then it can do it more than once,
So, proposed algorithm has nothing with additional secuirty, it just can add performance to the security procedure which has been already set.
I think that we should think about performance issues when we will have definite performance constraints and we will see that we should do some additional logic thing to fit.
>
> jakob
>
More information about the Tech
mailing list