1

I have some question about server side pdf signing using network-attached hardware security module. my first question is: what is PDF Signing Certificate? Certificates are public keys, how a certificate can be used for signing? from https://www.globalsign.eu/pdf-signing/server-based.html:

With the server-based PDF Signing, Certifying and Approving PDFs require a 
GlobalSign-issued PDF Signing Certificate, stored and protected 
on a Hardware Security Module (HSM), and an automated 
digital signature solution to apply the
signatures to the documents.

my second question is about storing private keys: Can user's private keys be generated and stored on the HSM? is non-repudiation guaranteed with this solution?

sfallahdoost
  • 47
  • 6

1 Answers1

1

Here "signature certificate" means "the signature private key and the associated certificate". This is a commonly used shortcut.

Since I did not find any technical details about the product I cannot give a final answer to your second question. But I am confident that the signature key is generated by the HSM and cannot be easily exported outside the device. Note that non-repudiation also depends on the security model of the HSM (who can generate the key? who can use the key? how is the key access controlled? etc)

Jcs
  • 989
  • 8
  • 12
  • Thanks Jcs, I am working with HSM via PKCS11. I think that PKCS11 is not appropriate for this purpose. for example, if i write a web service that authenticate users via username/password and allow users to generate keypairs on the HSM, HSM admin that know token pin can use users's private keys. Jcs, are Cloud HSMs appropriate for this purpose? do you know how Cloud HSMs work? – sfallahdoost Jan 12 '15 at 17:12
  • Well, PKCS#11 has been designed for personal smartcards and does not fit very well with cloud services. However, for instance, with the nCipher HSM (I have some experience with it) you can configure a quorum of operators required to access the key. Such a configuration can improve the trust on the system for the customers. Unfortunately I never used Cloud HSM. At first glance I think it is possible to build a signature service on a Cloud HSM. But I also believe that, first of all, it's worth an comprehensive threat analysis – Jcs Jan 13 '15 at 14:49