Hardware security modules (HSMs) are specialized devices, built and certified to exacting standards (most often set by governments, such as FIPS 140-2 and Common Criteria), that protect cryptographic keys both at rest and in use. Electro-mechanical means of encrypting secrets, and of protecting the machinery that does the encrypting, trace their roots back to rotor machines like the German Enigma and the Allied SIGABA. Today's digital HSM provides a secure platform for generating, storing and using cryptographic keys over the life cycle of both the key material and the data it protects. However, for all the progress in crypto system design, power and flexibility, one fact remains painfully true: a breach of the keys destroys the integrity of any crypto system, no matter how elegant its implementation. The HSM has become the de facto standard for securing the foundation of any modern crypto system.
In the era of IoT and BYOD, cryptography has assumed an importance largely unforeseen by the evangelists of the early days of modern, applied crypto. The number of "things" attached to and communicating over the Internet will reach 6.4 billion in 2016, according to a forecast by Gartner, the IT research and advisory firm. Each of these "things" can assume an identity, secure a communications channel, gather data on its environment and share that data widely. Sound cryptography will form the basis for establishing IoT identities and protecting the resulting flood of data. HSMs provide the highest level of trust and protection available for establishing and protecting the cryptographic infrastructure on which trust in a fully functional IoT depends.
HSMs, however, are expensive. In addition, the niche and often arcane world of crypto is not well understood within the broader IT community. As cryptographic applications have surged into the mainstream, it can be tempting to cut corners and deploy sensitive cryptographic operations without sufficient protection. A little over a decade ago, only about two percent of crypto was performed in an HSM. Until the recent explosion in crypto deployments and the concomitant surge in highly public breaches, little thought was given to securing the foundational aspects of key generation, key management and protection of core crypto applications. Things just had to work well enough to pass first-level scrutiny.
The Internet, and now the Internet of Things, changed everything. A smartphone, for instance, has to have an identity. It stores encryption keys and digital certificates. It can easily become a proxy for its owner's identity in transactions over the Internet. Suddenly we find ourselves transacting with countless things on the Internet, hoping to trust digital identities and the intent of their creators. HSMs, the means by which trustworthy digital identities are secured, have therefore become more pertinent. The risk of brand and identity damage caused by exploitation of a weak crypto system dwarfs the cost and hassle of HSM deployment. Shortcuts no longer make sense, even in the most cost-constrained application environments.
Any company that wants to market something for the Internet of Things must endow its creations with identities, most likely based on digital certificates issued by a Public Key Infrastructure (PKI). When an autonomous entity on the Internet, be it a help bot from a major retailer or your home security system, presents its credential and asserts an identity and an associated trust level, you want to be able to rely on it. This means, as a first principle, that the cryptographic material that underpins that identity cannot be forged or stolen. You want to trust that you are transacting with the intended entity and not some fraudulent man in the middle.
Today, thousands of device manufacturers are creating digital certificates and keys for their devices: gaming consoles, smartphones and so on. All of these devices need to identify themselves. We assume, often wishfully, that the cryptographic infrastructure that underpins the integrity of these identity assertions is solid. Then the realization hits home that a single compromised signing key or PKI could put millions of devices in jeopardy at once. The scope of the business problem rises from an interesting niche problem set to one with existential implications for modern eCommerce.
The Danger is Real
The threat here is not theoretical. Heartbleed (CVE-2014-0160), a serious vulnerability in the popular OpenSSL cryptographic library, is a real-world example of what can go wrong. The bug was a missing bounds check in OpenSSL's TLS heartbeat handler: a peer could declare a payload length far larger than the heartbeat it actually sent, and the server would answer with up to 64 KB of whatever happened to sit in its process memory after the request. Attackers simply repeated the request until the server's private key fell out. Once an attacker holds a copy of that key, he or she can impersonate the server, act as a man in the middle and, where RSA key exchange was used, decrypt recorded traffic. But Heartbleed was a memory-disclosure bug: it could only expose a key that was held in plain text in the server's memory, which is the case whenever the organization does its crypto in software on the server. If the private key lives in an HSM and the server holds only a handle to it, Heartbleed cannot read the key. It could still leak session keys, passwords and other data passing through the process, so an HSM narrows the blast radius rather than removing the need to patch.
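The following is an added example, not code from the original article or from OpenSSL, that reproduces the Heartbleed over-read in miniature. It follows the shape of OpenSSL's tls1_process_heartbeat: a simulated process memory (the arena), a constructed stand-in for the private key placed just past the incoming record, a handler that trusts the peer's declared length, and a handler with the check OpenSSL 1.0.1g added (declared payload plus header and padding must fit inside the record that actually arrived). The arena layout, the demo key string and all helper names are assumptions made for the demo.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simulated process memory. The incoming TLS heartbeat record is placed at
 * the start of the arena; the server's private key (a constructed stand-in,
 * not a real key) sits a little further along, as live key material would
 * in a server that does its crypto in software. */
#define ARENA_SIZE 70000
#define KEY_OFFSET 64
#define HB_HDR     3    /* RFC 6520: type (1 byte) + payload_length (2 bytes) */
#define HB_PAD     16   /* minimum padding that must follow the payload      */
#define HB_REQUEST 1

static unsigned char arena[ARENA_SIZE];
static unsigned char response[65536];
static const char demo_private_key[] = "-----BEGIN RSA PRIVATE KEY-----DEMO-NOT-A-REAL-KEY";

/* Write a heartbeat request into the arena. claimed_len is the length the
 * peer puts in the header; actual_len is how many payload bytes it really
 * sent (keep it under KEY_OFFSET - HB_HDR so it does not overwrite the key).
 * Returns the true length of the record that arrived. */
size_t build_heartbeat(uint16_t claimed_len, const unsigned char *payload, size_t actual_len)
{
    memset(arena, 0, sizeof arena);
    arena[0] = HB_REQUEST;
    arena[1] = (unsigned char)(claimed_len >> 8);
    arena[2] = (unsigned char)(claimed_len & 0xff);
    memcpy(arena + HB_HDR, payload, actual_len);
    memcpy(arena + KEY_OFFSET, demo_private_key, sizeof demo_private_key);
    return HB_HDR + actual_len + HB_PAD;
}

/* The pre-fix pattern: the handler trusts the peer's length field and copies
 * that many bytes into the reply. Nothing compares it with record_len, so the
 * copy runs off the end of the record into neighbouring memory. */
size_t heartbeat_vulnerable(size_t record_len, unsigned char *out, size_t out_cap)
{
    const unsigned char *p = arena;
    (void)record_len;                       /* never consulted: this is the bug */
    if (*p++ != HB_REQUEST) return 0;
    unsigned int payload = (unsigned int)(p[0] << 8) | p[1];
    p += 2;
    if (payload > out_cap) return 0;        /* only the reply buffer is bounded */
    memcpy(out, p, payload);                /* over-read: echoes arena bytes past the record */
    return payload;
}

/* The fixed pattern (the check OpenSSL 1.0.1g added): the declared payload,
 * plus header and padding, must fit inside the record that actually arrived. */
size_t heartbeat_fixed(size_t record_len, unsigned char *out, size_t out_cap)
{
    const unsigned char *p = arena;
    if (record_len < (size_t)(HB_HDR + HB_PAD)) return 0;  /* too short to be valid */
    if (*p++ != HB_REQUEST) return 0;
    unsigned int payload = (unsigned int)(p[0] << 8) | p[1];
    p += 2;
    if (HB_HDR + payload + HB_PAD > record_len) return 0;  /* discard silently */
    if (payload > out_cap) return 0;
    memcpy(out, p, payload);
    return payload;
}

/* Scan a reply for the key bytes, as an attacker would grep the dumped memory. */
int reply_contains_key(const unsigned char *out, size_t n)
{
    size_t klen = strlen(demo_private_key);
    for (size_t i = 0; n >= klen && i + klen <= n; i++)
        if (memcmp(out + i, demo_private_key, klen) == 0) return 1;
    return 0;
}

/* Attack: 5 real payload bytes, but a claimed length of 16384. */
int demo_vulnerable_leaks_key(void)
{
    size_t rec = build_heartbeat(16384, (const unsigned char *)"hello", 5);
    size_t n = heartbeat_vulnerable(rec, response, sizeof response);
    return n == 16384 && reply_contains_key(response, n);
}

/* Same attack against the fixed handler: dropped, nothing echoed. */
int demo_fixed_drops_attack(void)
{
    size_t rec = build_heartbeat(16384, (const unsigned char *)"hello", 5);
    memset(response, 0, sizeof response);
    size_t n = heartbeat_fixed(rec, response, sizeof response);
    return n == 0 && !reply_contains_key(response, n);
}

/* An honest heartbeat (claimed length matches the bytes sent) still works. */
size_t demo_fixed_honest_reply(void)
{
    size_t rec = build_heartbeat(5, (const unsigned char *)"hello", 5);
    return heartbeat_fixed(rec, response, sizeof response);
}

int main(void)
{
    printf("vulnerable handler leaked key: %s\n", demo_vulnerable_leaks_key() ? "yes" : "no");
    printf("fixed handler dropped attack:  %s\n", demo_fixed_drops_attack() ? "yes" : "no");
    printf("fixed handler honest reply:    %zu bytes\n", demo_fixed_honest_reply());
    return 0;
}
```

Build it with any C99 compiler (for instance `cc -std=c99 -Wall demo.c && ./a.out`, where demo.c is whatever you named the file). The point for this article is the arena: with software crypto the private key is just bytes in that buffer, one over-read away from the network. With the key held in an HSM, the process would hold only an opaque key handle, so the same over-read would still dump memory but would find no key material in it.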
Stuxnet provides another cautionary tale. Its authors used code-signing certificates, and the private keys behind them, stolen from two hapless Taiwanese component manufacturers to sign the worm's kernel-mode driver components. A valid signature from a trusted vendor let those drivers load on Windows without tripping driver-signing checks or prompting users, masking the worm's origin and intent as it spread. Had those signing keys been generated and kept inside an HSM, the attackers could not have copied them and signed malware at leisure on their own machines; they would have had to break into the victims' signing systems and invoke the keys there, a far noisier path and one that the HSM's access controls and audit logs can catch. An HSM protects the key, not the signing workflow around it, so controlling who may invoke the key matters just as much as keeping it from being copied.
Data Security Best Practices
Cryptography is only as strong as the key management systems and practices around it. For example, if the root key of a PKI is compromised, every certificate chained to it becomes untrustworthy and the entire system collapses. To avoid scenarios like Heartbleed and Stuxnet, follow these best practices:
- Encrypt your critical data: It’s too risky to leave data in the clear during any phase of its lifecycle.
- Know what data is important and where it resides: In order to encrypt your data effectively, you have to know where it is, which means you have to begin the process of data classification.
- Use an HSM: They provide a hardened, secure root of trust to enable a higher degree of security when deploying cryptographic technology.
- Don't opt for software-based crypto: Generate private keys inside the HSM, mark them non-exportable, and use them only through the HSM, so that key material never exists in plain text on a server.
- Educate your people: Make the knowledge investments needed. Crypto is a tool, and using that tool wisely implies understanding how it works. Invest in your people and in the basic building blocks of cryptographic technology. You'll increase the probability of a secure deployment and scare off the majority of attackers.
The Internet, and the number and diversity of things connected to it, have changed dramatically since HSMs first arose. Concerns that they are too expensive fade in light of what organizations stand to lose. HSMs raise the odds that cryptography is deployed securely and stays that way. For organizations dealing with a high volume of keys, they are an essential component of the modern, hardened crypto system and are no longer optional.
About the Author

Peter DiToro, Vice President of Customer Services, Thales e-Security, leads both professional services and post-sales support teams for Thales e-Security, which designs, develops, delivers, and supports cyber solutions for complex security problems using strong cryptography and hardware-based encryption key management. He works with a team of 20+ technical professionals focused on applications of public key infrastructure, securing mobile payments, and data protection within the Fortune 1000.
Edited by
Peter Bernstein