2 HSM Technology Today Security Requirements Over the years, the security requirements of HSMs have remained essentially the same, satisfying the following needs: Protection against attacks on the HSM device hardware – tamper resistant Protection from side channel attacks, such as timing attacks and differential power analysis (so attacks that draw conclusions on the keys based on timebased behavior or power consumption of the devices) Protection of the cryptographic application environment Protection of the software environment from tampering and loading of third-party programs Generation of keys by an authentic true random number generator Support of all cryptographic operations currently established (signing, encrypting and so on) These are the fundamental, across-the-board requirements that define HSMs. (We intentionally omit the whole subject of interfaces at this point, and discuss this in detail in Chapter 3.) For more information on hardware tamper mechanisms, please visit https://hsm.utimaco.com, which covers in detail tamper resistance, tamper evidence, tamper detection and tamper response. HSM Design Principles The fundamental design principle for HSMs is independence of the cryptographic coprocessor from the host system with its application and interfaces. All communication uses a defined channel between the application and HSM. Furthermore, a clear-cut security boundary between the HSM computing system and the outside world must be established. The defined delineation also means clear-cut separation of storage areas for the secretive data in the HSM. Only the firmware inside the HSM may address the areas within the security zone. All other hardware and software outside the security zone (such as cable baseboards and client software, APIs and authentication tokens) are necessary for using the HSMs, but they aren’t able to access directly the elements in the secure area. 17
HSM_for_Dummies
To see the actual publication please follow the link above