[Cryptech Tech] Additional feature suggestions for Cryptech HSM
Joachim Strömbergson
joachim at secworks.se
Thu Feb 9 19:23:35 UTC 2017
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Aloha!
Thotheolh Tay wrote:
> Hi,
>
> I would like to suggest the following feature addition for Cryptech
> HSM for the future development.
>
> 1.) Embedded screen for status messages and attestation message
> display
>
> 2.) Embedded keypad for accepting/cancelling and probably simply
> PINpad
>
> 3.) Additional USB and/or smart card slot for smart card or USB
> tokens for management
>
> 4.) Secure Code Execution. User can load signed codes into the HSM
> and the HSM would use some sort of memory protection and management
> mechanism to isolate user loaded codes to securely execute inside the
> HSM.
>
> 5.) Internal Battery-Backed SRAM keystore for storing master HSM key
> using a small button battery.
>
> If these features have already been listed in some roadmap or
> already exists, you can ignore them.
I think all of them has at least been discussed. And there is a header
on the current version to add things like screen and keypad. The MKM
memory should be possible to be battery backed.
But it is really good to see what features people actually want to have.
Thanks!
- --
Med vänlig hälsning, Yours
Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
Joachim Strömbergson Secworks AB joachim at secworks.se
========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQIcBAEBCAAGBQJYnMG3AAoJEF3cfFQkIuyNEv0QAIox4l//zEvPARxeRmBsOQ7q
zG3gLTbw1+1esuQKwn6dI0nG3hazSIkT6oZLD43m1AbSaF7sMU8XFJoceu7NEsie
Ii70YJHITfshfDoHinDgqCOupEOnHAiHJi/2RnT/471d3esynz/S62OsFHtR/vQT
1eslTRqH0e6sOSgdi1O1VqAk1TyPyXrFzRXil4yCP5kbl7s73wZs1+8UrFj5eYwV
SWVdZc/ILt5Q/A1LXMvjvyl4H3s7pJ7jPPCG+uTYVZFiKZ3rRyGRGEGev+8d+da5
0CQ0qA95dNGHCHFE4zvCAYrmcC+2SpFHI+nXAKGTjxJy0f4aFdF2BoRKO3GoAfXL
2UGGll1OHx4fFsWIGQNwsQziMLRrxo3LoYldd/o+aQWhMwzQySIisABmEB3tWvGN
DYA1jubwCA5EMMj1Az9UMlV82jDeqTxTheHTs5Wn2T7jbOLC5ucuug7VroandMLd
ls4u1ADD548//bl1CwJlRLQHLjMYfrGlee1bOtjj7+3OSTHLnuYWHtuwJ1mtdDFG
Q1jmYQXwI+A6wLnIemcQ4RVWQJ+IiS9Xkx15MpN1J+3NGGehmjBmexrcy1o0/ePo
qSc84T4Fh89gCqYMsezHZ6XBUnoBvDzHTq3w2Nuappsk3EkmmgRxvZaPpPgAV3AK
yS3fA0yNUt14yAQaXG64
=cfW2
-----END PGP SIGNATURE-----
More information about the Tech
mailing list