HSM - The Key Never Leaves the Device

That's a great-sounding feature that we buy from HSM vendors. How critical is it to ensure the key never leaves the device?

First, the good things

The keys (secrets, private keys and encryption keys) are the most security-sensitive material that protects an identity or a resource. Private keys, in particular, link a real-world entity to a corresponding digital (public) identity. So the biggest concern is how we ensure that the keys do not land in the wrong hands. The traditional approach is, well, to store the keys in such a place and in such a way that only the owner can access them and nobody else can. This approach has always worked for real-world physical assets: we store them in strong vaults and lock them away.

But the weakest link decides the overall security

What's the weakest link in the above scenario?

It's the legitimate owner of the keys. The owner needs access to the keys, or at least needs to be able to use them, so we need a way to enable this legitimate access. How does the device determine the legitimacy of the owner? Well, by asking some questions that only the owner can answer: a password, a PIN, a physical access card, and so on.

Aha, the weakest link is outside the device, not inside. So a hacker need not fight the tamper-resistant device at all. They just need to impersonate the owner.

But wait, all hope is not lost!

There must be a reason why people buy the expensive hardware called an HSM. What an HSM provides is protection against data (key) theft by breaking into the device. Compare this to data theft by breaking into a computer that holds the data. The HSM guarantees that one can't break into the device and walk away with the keys. A FIPS 140-2 Level 3 compliant device zeroizes all its secrets when a physical break-in is detected.

But then, how many data breaches have happened by means of a physical break-in into the computers?

The overall security

When a user submits a request to the HSM to sign some data using their private key stored in the HSM, the user must somehow present enough credentials to prove their ownership of the key. So the overall security of the "usage of the key" boils down to the credentials the user has to provide.

You could use the keys, but you can't steal them!

If I can use the keys, why would I care to steal them? Because your usage is limited to the HSM that hosts the keys. If you can steal the keys, you can use them anywhere.
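A small model of the boundary the last two sections describe, added here as an illustration and not code from the original post or from any HSM vendor: the only thing that ever leaves the "device" is a signature, a wrong PIN counts toward a lockout, every attempt is written to an audit log, and exporting a non-extractable key is refused even with the right PIN. The `SimulatedHsm` class, its HMAC-SHA256 stand-in for signing and its PIN scheme are assumptions of this model, not any real PKCS#11 API.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class KeyRecord:
    material: bytes          # never returned by any method below
    extractable: bool = False  # models a non-exportable key attribute


@dataclass
class SimulatedHsm:
    pin_hash: bytes
    max_pin_attempts: int = 3
    _keys: dict = field(default_factory=dict)
    _failed: int = 0
    audit_log: list = field(default_factory=list)  # what a defender reviews

    @classmethod
    def provision(cls, pin: str) -> "SimulatedHsm":
        return cls(pin_hash=hashlib.sha256(pin.encode()).digest())

    def _authenticate(self, pin: str, op: str) -> None:
        # The credential check is the whole gate: whoever passes it can sign.
        if self._failed >= self.max_pin_attempts:
            self.audit_log.append(f"{op}: refused, PIN locked")
            raise PermissionError("PIN locked after too many failures")
        candidate = hashlib.sha256(pin.encode()).digest()
        if not hmac.compare_digest(candidate, self.pin_hash):
            self._failed += 1
            self.audit_log.append(f"{op}: bad PIN ({self._failed} failures)")
            raise PermissionError("bad PIN")
        self._failed = 0

    def generate_key(self, label: str) -> str:
        handle = f"hsm:{label}:{secrets.token_hex(4)}"
        self._keys[handle] = KeyRecord(material=secrets.token_bytes(32))
        return handle   # the caller only ever sees a handle, not key bytes

    def sign(self, handle: str, pin: str, data: bytes) -> bytes:
        self._authenticate(pin, f"sign {handle}")
        self.audit_log.append(f"sign {handle}: ok ({len(data)} bytes)")
        # HMAC-SHA256 stands in for a real signing primitive in this model
        return hmac.new(self._keys[handle].material, data, hashlib.sha256).digest()

    def export_key(self, handle: str, pin: str) -> bytes:
        self._authenticate(pin, f"export {handle}")
        if not self._keys[handle].extractable:
            self.audit_log.append(f"export {handle}: refused, non-extractable")
            raise PermissionError("key is marked non-extractable")
        return self._keys[handle].material
```

The audit log is the defender's leverage: a stolen PIN lets an attacker sign only through this object, where each call leaves a record, whereas stolen key bytes would leave no trace at all.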

I wonder if this is made clear enough in the HSM brochures!