[Cryptech Tech] Security assurance

olle at nxs.se olle at nxs.se
Fri May 13 11:17:20 UTC 2016

Previous message (by thread): [Cryptech Tech] Alpha status
Next message (by thread): [Cryptech Tech] Security assurance
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi!

I have been thinking about helping out for a while now, but have had
trouble finding the time.

One thing I believe the project is sorely lacking is a strategy for
putting the "S" in HSM.  What makes an HSM "secure"? I would argue that
ultimately it means it should be suitable for the purpose intended by
the user, or put differently, it should meet ow the expectations the
user has with regards to security properties. The project needs to
define what these security properties should be.

Another important aspect is assurance. How can the user know that the
HSM is safe for the intended use and that it has the required security
properties. Vendors of commercial products provide little assurance,
arguing instead "we know what we're doing, trust us".  Most open source
projects aren't any better, relying on openness to somehow provide
assurance without any verification. For OpenHSM to be useful it needs an
assurance strategy.

What do you think about these as a start for a list of claimed security
properties:

Mandatory:
 - All uses of externally invocable functionality in the OpenHSM can be
   attributed to an authorized subject
 - The cryptographic functions provided by the OpenHSM are always
   performed in a manner consistent with their specification
 - Secret key material generated by the OpenHSM meets all requirements
   for safe use with the intended cryptographic functionality
 - Secret key material generated by or stored in the OpenHSM is only
   recoverable by physically tampering with the OpenHSM functionality
 - The OpenHSM resists logical attacks on integrity of function for all
   externally accessible interfaces
 - The operational guidance supplied with the OpenHSM is sufficient to
   enable the intended user to safely use the OpenHSM

Optional:
 - All attempts at physically tampering with the OpenHSM functionality
   will result in easily discoverable evidence.

If we could establish the reasonable expectations a user of OpenHSM can
have, with regards to security properties, then I would be happy to
contribute work on derived security requirements and an assurance case.

Cheers,

/olle

Previous message (by thread): [Cryptech Tech] Alpha status
Next message (by thread): [Cryptech Tech] Security assurance
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Tech mailing list