[Cryptech Tech] road to berlin

[Rob Austein]

At Tue, 26 Apr 2016 10:49:47 +0200,  Fredrik Thulin wrote:
> On Monday, April 25, 2016 05:34:49 PM Paul Selkirk wrote:
> ...
> > 3. RPC client: This runs on a PC on the other end of the USB cable.
> > Currently it's a static library (libhal hal_rpc_* functions), but it
> > needs to be able to handle multiple clients, with responses coming back
> > in a potentially arbitrary order, so I *think* it needs to be a shared
> > library with a communications thread. In any case, it's what I'm working
> > on now.
> 
> Maybe a host multiplexing daemon? I'm thinking roughly:
> 
> Application specific PSKs are configured over the admin interface
> 
> Daemon opens USB port
> 
> Daemon exposes UNIX/TCP socket, allowing multiple clients to connect (using 
> TLS, if TCP is used)
> 
> Applications sends requests to the daemon over UNIX/TCP socket
> 
> Applications use their PSKs to assure e2e integrity and confidentiality with 
> the hardware
> 
> Daemon handles any needed queuing and response routing back to the 
> applications

Yes, this is roughly what we discussed in some previous iteration, a
daemon to handle multiplexing of an arbitrary number of PKCS #11
clients into a single physical communication channel with the HSM.

Security architecture of the above needs work.  PSKs not obvious to me
here, probably need to back up to first principals (who is
authenticating what to whom, who is protecting whom from what, who is
responsible for storing/erasing/configuring what (and how), etc).

I had a proposal for this a while back, no longer recall how widely I
circulated it or how completely I had fleshed out this sort of detail.
Probably have it archived, somewhere.