[Cryptech Tech] Key generation and storage

Fredrik Thulin fredrik at thulin.net
Wed Jan 28 13:37:52 UTC 2015

Previous message: [Cryptech Tech] Key generation and storage
Next message: [Cryptech Tech] Key generation and storage
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wednesday, January 28, 2015 02:25:36 PM Jakob Schlyter wrote:
...
> 2. Key Store
> 
> Assumption: All keys must stored within the HSM security boundry.
> 
> Fact: The FPGA RAM has probably about 6 Mbit memory, so unless we have a
> very limited set of keys not all keys can be kept in the FPGA at all times.
...
> Recommendation: Key store in ARM flash, with export control integrated in
> ISMK store.

Did you consider keys stored *wrapped* in ARM flash, only unwrappable in FPGA? 
Couldn't really see that from your pro's and con's.

/Fredrik

Previous message: [Cryptech Tech] Key generation and storage
Next message: [Cryptech Tech] Key generation and storage
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Tech mailing list