[Cryptech Tech] goals / use cases

Warren Kumari warren at kumari.net
Sat Jan 31 02:43:31 UTC 2015


On Friday, January 30, 2015, Peter Gutmann <pgut001 at cs.auckland.ac.nz>
wrote:

> Warren Kumari <warren at kumari.net> writes:
>
> >The keys (eventually) live in a widget in a security envelope, that gets
> >wrapped in e.g. fine wire mesh and then dunked in epoxy with environmental
> >sensors for extreme cold, vibration, light, etc and integrated battery to
> >zeroize when it senses tamper. The standard "real" HSM type stuff.
>
> Do you have any idea just how *hard* it is to do that?



Yup, stupidly hard to do well and right.


> This is something for
> release 3.x, or maybe 4.x, when all of the other problems have been sorted
> out.
>
> >I have a feeling we are talking past each other somewhere...
>
> Not really.  I'm trying to point out that while you can wish for anything you
> want in an HSM (for example I know some folks who'd pay very good money for a
> compact, radiation-hardened HSM that'll run off a 48V bus, but I'm not going
> to add that to the wishlist), you need to set some practical, achievable
> goals.


I missed the partly rhetorical tone of your question and thought you really
were asking what prevents an attacker with access to a full blown HSM from
just reading out the keys... but I know that you already understand all
this, which is why I was very confused.



>
> If I was asked to budget for what's being wished for, and completely pulling
> this out of thin air since I haven't sat down to figure it out in detail, I'd
> ask for 3-4 hand-picked FTE's (i.e. I'd choose people I knew had lots of
> experience in doing this), a minimum of several years to produce something
> (there's a lot more R than D going to be involved in product R&D), and a
> budget in the 6-7 figure range.
>
> Implementing all of what's on the (apparent) wishlist is a really huge
> project.  What I'm trying to do is point out that we need to set priorities
> for some of the goals, this ==> is achievable within X months and Y cost so
> worth doing, this ==> will take X more months and Y cost and should be
> deferred until version 2, that sort of thing.


> Peter.
>
>
>

-- 
I don't think the execution is relevant when it was obviously a bad idea in
the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair of
pants.
   ---maf