7

In many cases, there is a single master key that is installed in a HSM or similar device, but which should be backed up. The recommended method for this backup in many cases is to encrypt the master key to multiple smart cards from which there is a "n out of m" style setup required to restore the master key. Some HSM devices support this natively as a key backup method, but do not reveal the exact algorithm to do it.

This is obviously trivial to do manually:

  1. Encrypt master key with a long passphrase
  2. Use some secret sharing algorithm (Shamir's) to split the passphrase
  3. Encrypt each produced part for each smart card

Now, my question is:

Are there any existing encryption standards or industry-accepted practices to do this, or is it just homebrew? I am specifically looking for solutions which are employed with smart cards.

Nakedible
  • 4,501
  • 4
  • 25
  • 22

1 Answer

4

A complete solution in the context of HSM must be HSM-specific because you do not want any piece of secret to ever go through the RAM of a PC, let alone its hard disk. The HSM should include a smart card reader, or establish a secure tunnel (encrypted and authenticated, à la SSL) with a hardware module which includes a smart card reader. The host PC, for a HSM, is used as a network router and an electrical source, nothing more. You use a HSM precisely because you cannot trust a PC for the secret values you are dealing with.

Under these conditions, there is little reason that a standard may have evolved, and indeed none has, except for the usual smart card basics (card size, connector emplacement, encapsulation of commands within APDU). For a HSM to have a secure backup method, it must be something "homebrew", directly integrated in the HSM.

Moreover, any certification for the HSM (e.g. FIPS 140-2 level 3) must cover that backup system as well. Consequently, you cannot slap a system with smart cards on an existing HSM and still claim that "this is certified".

Thales "nShield" HSMs include such native support for smart cards with a quorum. The actual secrets are encrypted files (what Thales calls a "security world") and the "administrator smart cards" collectively contain a master key which is sufficient to decrypt these files.

Thomas Pornin
  • 320,799
  • 57
  • 780
  • 949
  • Thanks! I agree that any key backup of a non-exportable key must be proprietary, as it must somehow authenticate the backup device as "secure". However, I see no theoretical reason why PKCS#11 could not have a "export for multiple custodians" method in addition to the normal key wrapping method - although for practical reasons it doesn't. Also in many master key setups (such as a root CA key) the key actually is generated in a manner which allows a "portable" backup of the key by standard methods during key generation only - to avoid lock-in with a vendor, and to keep the key recoverable. – Nakedible Mar 17 '13 at 20:29