0

I have a PKCS#11-enabled application which interacts with an HSM to store TDES keys. The HSM is initialized with the Security Officer (SO) password provided by the user when the application was first installed.

I would like to know how best to preserve the SO password so that, if the application/system were to restart, the application can use the SO password to open sessions with the HSM and utilize it without human intervention. Currently, I try to read the password, which is stored encrypted in the file system. The encryption key is hard-coded in the application. This would prevent anyone from getting access to the key/password unless they intrude into memory while the application is running. Seeking human input on every application restart is also ruled out.

What do security procedures normally recommend for protecting passwords/keys which an application uses to access services from other applications (the HSM in my case)?

Prabhu
  • a) an attacker could extract the encryption key from the binary... b) There's no *perfect* solution, but the best you have is to encrypt the password using hardware for each shutdown (f.ex. using a TPM) – SEJPM Jan 05 '16 at 19:58

1 Answer

1

One way might be to use a smartcard or similar for the authentication: nobody can read a password or similar from a smartcard, and when you pull it, nobody is going to access your HSM, at least in theory.

My1
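One way to act on the TPM suggestion in the comment under the question, as an added example that is not part of the original question or answer: it assumes a Linux host where the PIN was sealed with `systemd-creds encrypt --with-key=tpm2` and the unit uses `LoadCredentialEncrypted=`, so systemd hands the decrypted value to the service under `$CREDENTIALS_DIRECTORY` at every start without an operator. The credential name `hsm-so-pin` and the function names are hypothetical.

```python
import os
import stat

class CredentialError(Exception):
    """The unattended HSM credential is missing or unsafe to use."""

def load_hsm_pin(name="hsm-so-pin", env=None):
    """Return the PIN as a mutable bytearray so the caller can wipe it."""
    env = os.environ if env is None else env
    cred_dir = env.get("CREDENTIALS_DIRECTORY")  # set by systemd for the unit
    if not cred_dir:
        raise CredentialError("no credentials directory; refusing any fallback")
    if os.path.basename(name) != name or name in ("", ".", ".."):
        raise CredentialError("credential name must be a plain file name")
    # O_NOFOLLOW: a symlink planted at this path must not redirect the read.
    try:
        fd = os.open(os.path.join(cred_dir, name), os.O_RDONLY | os.O_NOFOLLOW)
    except OSError as exc:
        raise CredentialError(f"cannot open credential: {exc.strerror}") from exc
    try:
        st = os.fstat(fd)  # check the opened file, not the path (no TOCTOU)
        if not stat.S_ISREG(st.st_mode):
            raise CredentialError("credential is not a regular file")
        if st.st_mode & 0o077:
            raise CredentialError("credential is readable by group or others")
        if st.st_uid not in (0, os.geteuid()):
            raise CredentialError("credential has an unexpected owner")
        pin = bytearray(os.read(fd, 256))
    finally:
        os.close(fd)
    while pin and pin[-1] in b"\r\n":  # drop a trailing newline from the file
        pin.pop()
    if not pin:
        raise CredentialError("credential is empty")
    return pin

def wipe(buf):
    """Best-effort zeroing; Python may still hold copies made elsewhere."""
    for i in range(len(buf)):
        buf[i] = 0

if __name__ == "__main__":
    try:
        pin = load_hsm_pin()
    except CredentialError as exc:
        raise SystemExit(f"HSM login aborted: {exc}")
    # ... pass `pin` to the PKCS#11 login call (C_Login), then:
    wipe(pin)
```

With this layout the application binary holds no key at all, and the sealed file is useless when copied to another machine; an attacker who can run code as the service user on the same host can still read the credential.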