2 HSM Technology Today
Security Requirements
Over the years, the security requirements of HSMs have remained essentially the
same, satisfying the following needs:
Protection against attacks on the HSM device hardware – tamper resistant
Protection from side channel attacks, such as timing attacks and differential
power analysis (so attacks that draw conclusions on the keys based on timebased
behavior or power consumption of the devices)
Protection of the cryptographic application environment
Protection of the software environment from tampering and loading of
third-party programs
Generation of keys by an authentic true random number generator
Support of all cryptographic operations currently established (signing, encrypting
and so on)
These are the fundamental, across-the-board requirements that define HSMs.
(We intentionally omit the whole subject of interfaces at this point, and discuss
this in detail in Chapter 3.)
For more information on hardware tamper mechanisms, please visit
https://hsm.utimaco.com, which covers in detail tamper resistance,
tamper evidence, tamper detection and tamper response.
HSM Design Principles
The fundamental design principle for HSMs is independence of the cryptographic
coprocessor from the host system with its application and interfaces. All communication
uses a defined channel between the application and HSM. Furthermore,
a clear-cut security boundary between the HSM computing system and
the outside world must be established.
The defined delineation also means clear-cut separation of storage areas for the
secretive data in the HSM. Only the firmware inside the HSM may address the
areas within the security zone. All other hardware and software outside the security
zone (such as cable baseboards and client software, APIs and authentication
tokens) are necessary for using the HSMs, but they aren’t able to access directly
the elements in the secure area.
17
/hsm.utimaco.com
