1

I've read several times that many HSMs support configurable rate limiting on cryptographic operations, as a way of protecting against a hacker that compromises a server that has access to the HSM. So if a hacker compromised a server and then attempted to send one million requests to the HSM over the course of an hour (to decrypt all of the data files, for example) then the HSM would stop responding to requests and would possibly also send an alert to the sysadmins.

This led me to thinking about a situation in which some highly sensitive data was needed for use on a strict weekly schedule. As an example, perhaps a special verification program needs to be run once per week on Tuesday, to check over the data from the past week. If this were the case, then perhaps it would be useful to be able to configure an HSM to only allow certain data files to be decrypted once per week, on Tuesday, between the hours of 9:00 am and 11:00 am. If a hacker managed to compromise this server on Wednesday, then the hacker wouldn't be able to decrypt anything for almost an entire week. They would just have to maintain their intrusion and wait. Perhaps an attempt to decrypt at any other time could also generate an alert as well.

Is this actually a feature that some commercial HSM vendors have implemented? Or is this whole "time locking" thing actually a stupid idea to begin with?

bnsmith
  • 67
  • 8
  • As a bit of an update on my research on this topic, I found some documentation for Thales that suggests that it's possible to set a start date and end date for the validity of a key with CKA_START_DATE and CKA_END_DATE. This is similar to what I'm talking about above, but with just one single start and end time rather than a repeating daily or weekly period where a key is valid. Here's the doc: https://thalesdocs.com/gphsm/ptk/5.2/docs/PTK-C_Programming_Guide.pdf – bnsmith Sep 06 '21 at 00:10
  • I found another bit of potentially relevant information [here](https://www.arrow.com/ecs-media/8443/31581thales_security_world.pdf): "For example, the ACL can be used to specify how many times a particular operation can be performed, or to specify a particular time period during which approved operations can be performed." So this does suggest that there are some HSMs that support time periods for performing some operations. I've searched around, but haven't been able to find documentation describing exactly what you can do with an ACL (ie. daily or weekly time periods). – bnsmith Sep 06 '21 at 01:39

1 Answers1

2

This question hasn't attracted much attention, so I'm just going to offer a few last bits of research for anyone who looks into this in the future.

I found a PDF from a "Virtual HSM" vendor that clearly described having time-of-day restrictions: "These policies can include things like rate limiting (how many operations per second a certain key is allowed to be used for), day of week and time of day (e.g., only allowing operations during work hours, or raising a warning at any other time), and so on."

I also found release notes from Thales claiming that "Key policies (time of day and rate limits) are no longer supported". So it looks like their HSM did support time-of-day policies at one point, but they removed that capability from that product. Perhaps they have other products that still support that kind of policy?

I suppose that there definitely seem to be/have been some HSM vendors that supported time-of-day key restriction policies, so the idea isn't completely crazy. At the same time, if vendors are removing that kind of feature, then maybe it was never very popular or widely used? Or perhaps it's just difficult to find detailed technical information about security-related things like HSMs.

Update: The Securosys HSM supports some time-related policies, such as a delay feature that forces there to be a delay between a signing request arriving at the HSM and the actual signing.

Another Update: The accepted answer to this question includes a brief description of implementing time-based restrictions for some operations using custom firmware that runs inside the secure enclave of an HSM. That answer is incredibly informative and well worth reading for anyone interested in computer security.

bnsmith
  • 67
  • 8
  • A professor of cryptography has some [recommendations](https://billatnapier.medium.com/those-pesky-certs-6240942dfe08) for code signing, one of which is to have a time-of-day restriction on when code can be signed. – bnsmith Jan 04 '22 at 02:53