Why have hardware security modules (HSMs) become the standard for securing the foundation of any modern crypto system? These are devices specifically created to protect and manage digital keys for strong authentication and to provide cryptoprocessing.
Because they play such a crucial role in securing applications and infrastructure, HSMs are typically certified to internationally recognized standards. They provide a secure platform for managing cryptographic keys and their use over the lifecycle of both cryptographic material and associated data.
Guest article by Peter DiToro, VP, Customer Service (professional services), Thales e-Security
However, even given the vast progress in crypto system design, power, and flexibility, one factor remains painfully true: A breach of cryptographic keys destroys the integrity of any crypto system, no matter how elegant its implementation.
When cryptography was first implemented on the Internet, no one knew how important it would become – but the advent of IoT and BYOD is highlighting its critical nature. The number of “things” attached to and communicating over the Internet will reach 6.4 billion in 2016 according to Garner Group, an Internet consultancy. Each of these “things” can assume an identity, secure a communications channel, gather up data on its environment, and share that data widely.
Clever cryptography will form the basis for establishing IoT identities and protecting the resulting flood of data. HSMs provide the highest level of trust and protection available when establishing and protecting the cryptographic infrastructure on which trust in a fully functional IoT depends.
There are two primary reasons, though, that the use of HSMs has not been more widespread. First, HSMs are expensive. Second, the niche and often arcane world of crypto is not well-understood within the broader IT community. As cryptographic applications have surged into the mainstream, it can be tempting to cut corners and deploy sensitive cryptographic operations without sufficient protection.
A little over a decade ago, only about two percent of crypto was performed in an HSM. Until the recent explosion in crypto deployments and the concomitant surge in highly public breaches, little thought was given to securing the foundational aspects of key generation, key management, and protection of core crypto applications. Things just had to work to pass first-level scrutiny.
This was, of course, until the IoT came along and complicated matters. A smartphone, for example, has to have an identity. It stores encryption keys and digital certificates. It can easily become a proxy for its owner’s identity in transacting over the Internet.
Suddenly, we find ourselves transacting with countless things on the Internet, hoping to trust digital identities and the intent of their creators. Now, HSMs, the means by which trustworthy digital identities are secured, have become more pertinent. The risk of brand and identity damage caused by exploitation of a weak crypto system dwarfs the cost and hassle of HSM deployment. Shortcuts no longer make sense, even in the stingiest application environments.
All devices intended for IoT connectivity must have an identity, most likely based on digital certificates issued by a Public Key Infrastructure (PKI). When an autonomous entity on the Internet, be it a help bot from a major retailer or your home security system, presents its credential and asserts an identity and associated trust level, you want to be able to rely on it.
This means, as a first principal, that the cryptographic materials that underpin that identity cannot be forged or stolen. You want to transact with the intended entity and not some fraudulent man in the middle.
Device manufacturers today create digital certificates and keys for their devices – connected home thermostats, smartphones, and so on. All of these devices need to identify themselves. We assume, often wistfully, that the cryptographic infrastructure that underpins the integrity of these identity assertions is solid.
Suddenly, the idea that one’s keys and PKI could get compromised and millions of devices could be put in jeopardy hits home. The scope of the business problem rises from an interesting niche case to one with existential implications for modern eCommerce.
Consider these examples
The Heartbleed bug offers a cautionary tale of just how real this threat is. Heartbleed, a serious vulnerability in the popular OpenSSL cryptographic software library, provides a real-world example of what can go wrong.
Heartbleed acts like a guided missile looking for SSL keys. Once a hacker exfiltrates a copy of these keys, he or she can act as a man in the middle. But Heartbleed was a memory scraper: It works only if the organization is doing its crypto on the server, in which case the keys are in plain text in memory. However, if the organization is securing its SSL keys within an HSM, Heartbleed can’t see them.
Another real worst-case scenario can be found in the infamous Stuxnet attack. The Stuxnet authors stole code-signing certificates and their associated private keys from a pair of Taiwanese component manufacturers. This enabled the worm to replicate itself across servers, quietly installing copies of itself using stolen code signing keys to mask its origin and intent. If those code-signing keys had been maintained and used within an HSM, Stuxnet would have happened to someone else.
Practical steps for data security
A cryptographic system rises or falls on the integrity of its key management systems and practices. For example, if the root key of a PKI is compromised, the entire system collapses. To avoid scenarios like Heartbleed and Stuxnet, follow these simple best practices:
- Protect what’s important. It’s too risky to leave data in the clear during any phase of its lifecycle; encrypt all that is critical.
- Categorize your data. To encrypt your data effectively, you have to know where it is, which means you have to begin the process of data categorization.
- Invest in security. HSMs provide a hardened, secure root of trust to enable a higher degree of security when deploying cryptographic technology.
- Forget the software option. Promise yourself that the keys will only be used within the parameters of an HSM.
- Learn the tool. Using crypto wisely implies understanding how it works. Invest in your people and in the basic building blocks of cryptographic technology. You’ll increase the probability of a secure deployment and scare off the majority of attackers.
The more things change, the more they stay the same. While the Internet has changed dramatically since its inception, the fundamental need for security has not. HSMs have been available to secure cryptographic keys and their associated data for much of that time, and now that the IoT is making the Internet less and less secure, the need for HSMs has only increased.
Particularly for organizations generating and managing a high volume of keys, the cost of HSMs is quickly outweighed by the potential disaster of not having them. Rather than being a luxury, HSMs are now table stakes for doing business in the IoT era.
Peter DiToro leads both professional services and post sales support teams for Thales e-Security. They design, develop, deliver, and support cyber solutions for complex security problems using strong cryptography and hardware-based encryption key management.