问题
We are implementing safety-critical system, where the FIPS 140-2 compliant HSM (hardware security module) is required to generate and store key material, perform encryption/decryption and run custom code with the following requirements set for the custom module:
- Module is available over RPC
- Module has access to all HSM keys and services
- Module has in-memory and persistent storage (1+ MB both)
- Module memory is secured (FIPS 140-2 level 3+)
As for the HSM services itself, it is required to:
- Support AES, RSA and HMAC
- Has aliases for keys
- Generate new keys with alias over the PKCS11 interface
- Retrieve public key and certificate with alias over the PKCS11 interface
- Delete keys with alias over the PKCS11 interface
As there is very little information available about HSM products due the NDA, it is very hard to evaluate the requirements and options. Are these requirement met by any standards, or by vendor specific solutions, such as Utimaco?
回答1:
If you really need to run custom code inside the HSM device you have several choices across several vendors:
SafeNet ProtectServer (and SafeNet Luna Network/PCIe HSM since version 7.4)
SafeNet ProtectServer HSMs offer a unique level of flexibility for application developers to create their own firmware and execute it within the secure confines of the HSM. Known as functionality modules, the toolkits provide a comprehensive facility to develop and deploy custom firmware.
Thales nShield (CodeSafe)
Most nShield HSMs also support the unique ability to host critical applications within the hardened security boundary, so you can establish tamper-resistant business processes in addition to protecting cryptographic operations.
Utimaco CryptoServer (SDK)
The CryptoServer Software Development Kit (SDK) is the professional development environment for all Utimaco Hardware Security Modules. It enables integrators and end-users to create specific applications, e.g. proprietary algorithms, custom key derivation procedures or complex protocols that run in the tamper-proof environment of the CryptoServer Hardware Security Module. As the SDK provides full access to the Utimaco base firmware, custom firmware modules can be developed in a very short time frame.
My bet is that if you really need FIPS 140 certification you would need to certify your custom code running inside HSM as well (as such code is very powerful and can e.g. bypass access control, extract keys in plain text... -- thus it breaks any security assumptions easily).
Your requirements should be fulfillable by any of the products (even without running custom code inside the HSM -- it depends on the level of control your application needs).
Good luck!
Disclaimer: I am no crypto expert, so please do validate my thoughts.
来源:https://stackoverflow.com/questions/52903154/hsm-and-custom-module