Re: [TLS] TLS and hardware security modules - some issues related to PKCS11

"Salz, Rich" <rsalz@akamai.com> Tue, 17 September 2013 16:00 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: Michael StJohns <msj@nthpermutation.com>
Date: Tue, 17 Sep 2013 12:00:41 -0400
Message-ID: <2A0EFB9C05D0164E98F19BB0AF3708C711D4594339@USMBX1.msg.corp.akamai.com>
References: <20130917124948.8DEFB1A974@ld9781.wdf.sap.corp> <52387927.4030007@nthpermutation.com>
In-Reply-To: <52387927.4030007@nthpermutation.com>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] TLS and hardware security modules - some issues related to PKCS11

>I want to protect inside of the HSM all of the following:
>a) the private keys related to the server or client identity
>b) the pre-master key
>c) the master key
>d) the session keys.
>I want to be able to do all the cryptographic processing inside that module and only allow out true plain text.

The programming model for such a beast is probably more like an I/O processor than an HSM.  You need input and output "local plaintext" data streams, and the same for "to/from the network crypto streams."  And ways to signal "I can't give you more plaintext until you write this on the network and get more data back from the other side."  And so on.

Have you seen a market need for this kind of thing?  Have you got an API designed?  I'd be curious about both.

I also don't understand why you do not trust the host software with the ability to decrypt its own data (i.e., session) when you don't have control over what it does with the plaintext, like copy it over to an adversary directly.

	/r$
 
--  
Principal Security Engineer
Akamai Technology
Cambridge, MA
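The "I/O processor" shape Rich describes, as an added example that is not part of his message, of any IETF draft, or of any PKCS#11 module: the engine never touches a socket or hands out keys. The host feeds it network bytes and local plaintext, pulls back bytes to put on the wire, and receives an explicit "I need more network data" signal when a record is only partially buffered. Everything concrete here is an assumption for illustration: the record layout (sequence number, length, ciphertext, MAC tag), the HMAC-SHA256 keystream used as a stand-in cipher, the `NEED_NETWORK_DATA` sentinel, and the pre-shared keys (key agreement is out of scope). It is not TLS; the closest real-world embodiment of this interface is Python's `ssl.SSLObject` driven over `ssl.MemoryBIO`.

```python
"""Sans-I/O secure-channel engine sketch (added example; constructed, not TLS)."""
import hashlib
import hmac
import os
import struct

NEED_NETWORK_DATA = object()  # signal: "flush my output to the peer, then feed me more"
HDR_FMT, HDR_LEN, TAG_LEN, MAX_RECORD = ">QH", 10, 32, 16384


class ChannelEngine:
    """Keys and sequence numbers live only inside this object; the host sees byte streams."""

    def __init__(self, send_key, recv_key):
        self._send_key, self._recv_key = send_key, recv_key
        self._send_seq = self._recv_seq = 0
        self._net_in = bytearray()   # received from the network, not yet consumed
        self._net_out = bytearray()  # must be written to the network by the host

    @staticmethod
    def _keystream(key, seq, n):
        # Toy CTR-style keystream from HMAC; a real design uses an AEAD with separate keys.
        out, ctr = bytearray(), 0
        while len(out) < n:
            out += hmac.new(key, struct.pack(">QI", seq, ctr), hashlib.sha256).digest()
            ctr += 1
        return bytes(out[:n])

    def _seal(self, chunk):
        body = bytes(a ^ b for a, b in zip(chunk, self._keystream(self._send_key, self._send_seq, len(chunk))))
        header = struct.pack(HDR_FMT, self._send_seq, len(body))
        tag = hmac.new(self._send_key, header + body, hashlib.sha256).digest()  # encrypt-then-MAC
        self._send_seq += 1
        return header + body + tag

    # ---- host-facing API: plaintext side and network side are separate streams ----
    def write_plaintext(self, data):
        for i in range(0, len(data), MAX_RECORD):  # split into records like a TLS record layer
            self._net_out += self._seal(data[i:i + MAX_RECORD])

    def take_network_output(self):
        out, self._net_out = bytes(self._net_out), bytearray()
        return out

    def feed_network_input(self, data):
        self._net_in += data

    def read_plaintext(self):
        """One record's plaintext, or NEED_NETWORK_DATA until a whole record is buffered."""
        if len(self._net_in) < HDR_LEN:
            return NEED_NETWORK_DATA
        seq, length = struct.unpack(HDR_FMT, bytes(self._net_in[:HDR_LEN]))
        end = HDR_LEN + length + TAG_LEN
        if len(self._net_in) < end:
            return NEED_NETWORK_DATA
        header, body, tag = (bytes(self._net_in[:HDR_LEN]), bytes(self._net_in[HDR_LEN:HDR_LEN + length]),
                             bytes(self._net_in[HDR_LEN + length:end]))
        expected = hmac.new(self._recv_key, header + body, hashlib.sha256).digest()
        if seq != self._recv_seq or not hmac.compare_digest(tag, expected):
            raise ValueError("record rejected: bad sequence number or MAC")  # real engine: tear down
        del self._net_in[:end]
        self._recv_seq += 1
        return bytes(a ^ b for a, b in zip(body, self._keystream(self._recv_key, seq, length)))


def run_exchange():
    """Host-side pump driving two engines; returns observations for checking."""
    k_c2s, k_s2c = os.urandom(32), os.urandom(32)  # constructed shared keys
    client = ChannelEngine(send_key=k_c2s, recv_key=k_s2c)
    server = ChannelEngine(send_key=k_s2c, recv_key=k_c2s)
    results = {}

    client.write_plaintext(b"hello from client")
    wire = client.take_network_output()
    server.feed_network_input(wire[:7])  # network delivers a partial record first
    results["first_read_needed_more"] = server.read_plaintext() is NEED_NETWORK_DATA
    server.feed_network_input(wire[7:])
    results["server_got"] = server.read_plaintext()

    server.write_plaintext(b"ack")
    client.feed_network_input(server.take_network_output())
    results["client_got"] = client.read_plaintext()

    client.write_plaintext(b"second")
    tampered = bytearray(client.take_network_output())
    tampered[12] ^= 0x01  # flip one ciphertext bit in flight
    server.feed_network_input(bytes(tampered))
    try:
        server.read_plaintext()
        results["tamper_rejected"] = False
    except ValueError:
        results["tamper_rejected"] = True
    return results


if __name__ == "__main__":
    print(run_exchange())
```

The host loop is deliberately dumb: it only moves bytes between sockets and the engine and reacts to `NEED_NETWORK_DATA`, which is the signalling Rich's message calls for. Everything that needs key material stays behind the engine boundary, so moving `ChannelEngine` into a hardware module would not change the host code at all.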