4

I'm trying to understand best practices and capabilities regarding the use of an HSM, e.g the Thales Payshield 9000.

Specifically, I wish to securely transfer a BDK for DUKPT from one HSM to a second, without it ever being in the clear, or decryptable.

Is it possible to do this by:

  1. Create a new RSA pair on HSM B (destination)
  2. Export the public key and transfer, and load on HSM A (source)
  3. Encrypt the BDK at the source, using that public key, and export
  4. Transfer that encrypted version to HSM B, and load
  5. Decrypt using private key, and load as BDK

Or have I misunderstood the capabilities?

Is there a better, standard, way of doing this?

Many thanks

Nik
  • 171
  • 5
  • Thanks for reporting back! You should be able to accept your own answer roundabout now (ps. I presume you mean "without it ever being in the clear, or decryptable by an adversary") – Maarten Bodewes Dec 02 '16 at 16:33

1 Answers1

2

Spoke to a sales rep of Thales distributor.

  1. Generate a Zone Master Key (ZMK), which is a KEK.
  2. Distribute that to the destination party, in multiple components, via different media.
  3. Load that ZMK in destination HSM.
  4. Source HSM can now export that BDK, encrypted using the ZMK, which can now be sent to destination
  5. And loaded into destination HSM and decrypted using the shared ZMK.

So like what I proposed, but with symmetric, instead of asymmetric.

This does not inhibit the 3 ZMK component custodians from colluding - retaining the ZMK somewhere, and then being able to later export the BDK and decrypt it. But apparently this is the standard way.

Nik
  • 171
  • 5