Questions tagged [hsm]

An abbreviation for Hardware Security Module, a security device that is compliant with the PKCS#11 standard and provides secure storage for sensitive data, especially private keys.

144 questions
0 votes, 0 answers

How to calculate Milenage OPc value while OP is stored in HSM?

ETSI TS 135 206 defines the specification of MILENAGE algorithm which is an authentication algorithm for mobile networks. It defines 'OPc' as below: a 128-bit value derived from OP and K and used within the computation of the functions. According…
VSB
0 votes, 1 answer

Examples of custom key restriction policies for HSMs

Based on my understanding, some types of HSMs allow custom software to be developed that can run within the HSM's secure enclave. This capability allowed Square to do something very clever to boost the security of their cryptocurrency cold…
bnsmith
0 votes, 0 answers

Handling MTLS with HSM

Scenario: I need to implement MTLS between three of my services communicating with each other. Based on my understanding of MTLS, I need to import the certificate of target services in the trust store of the source service and the certificate of…
0 votes, 1 answer

Using an HSM to protect encrypted data even when a server is compromised

Imagine a system architecture where an API server is able to send a request to an HSM, and the HSM is able to decrypt some data for a particular user/customer, in order to serve some hypothetical purpose. In this case, if the API server is…
bnsmith
0 votes, 1 answer

How does a cloud based application use a TPM to authenticate hardware devices?

I have heard about this, but not sure how it would work. I would imagine that when you register the device, the public RSA key burnt into the chip would be shared. That way, if the application sends a challenge, the TPM uses the private key to…
Beginner
0 votes, 0 answers

Better security for storing certificates in LUKS or softhsm?

What is the best place to store certificates and keys which are confidential and sensitive? As I understand LUKS is fine and kernel transparently handles encryption/decryption. Also, the LUKS volume could contain anything and everything like a…
0 votes, 1 answer

Key escrow vs secure storage (software/TPM/HSM)

From the definition of key escrow (a method to store important cryptographic keys providing data-at-rest protection), it sounds very similar to that of secure storage which could be basically software-based or hardware-based (TPM/HSM). But, I could…
0 votes, 0 answers

Authenticate Windows/Linux process against hardware security module

I have a hardware security module connected to a host computer (Windows/Linux). The HSM contains symmetric keys used to encrypt/decrypt data (i.e. files and real-time communications); the keys are stored inside the memory of the HSM and their values…
0 votes, 2 answers

Secure Authentication of Technical User to a Network-Appliance-HSM

Let's assume we have an internal environment consisting of some distributed systems, one central system and an internal PKI. The central system is serving a cluster of HSMs that shall be accessible by network in a securely controlled way. On the…
0 votes, 1 answer

Why is YubiHSM an HSM?

What makes the YubiHSM an HSM? Most HSMs I have seen have more memory and are faster, perhaps due to crypto-accelerators. They're generally big and inserted in data center racks, or plugged as PCIe cards. But the YubiHSM is tiny, I was wondering…
0 votes, 0 answers

Parameters for HSM based symmetric Key Derivation Function (KDF)

I have a quick question regarding parameters for HSM based symmetric Key Derivation. My situation is that I have to implement HSM based symmetric key derivation for encryption of sensitive data to be stored inside DB. Each data entry should have…
0 votes, 0 answers

Line jump with openssl s_client -connect command when using CAfile

I am trying to connect with some HSM cloud service using a specific url:port provided by the service vendor. The connection works fine if CAfile is omitted from the syntax of the s_client -connect command. However, when included, the prompt simply…
0 votes, 0 answers

Raspberry Pi with LAN, no WAN - Encryption Key Security - Zymbit/Zymkey

I am setting up a Raspberry Pi that will be portable and often set up in areas without electricity or internet access and with poor cell service. I'd like to encrypt and decrypt data without retrieving keys from another server. The solution I…
0 votes, 2 answers

TDE - Encrypting different rows with different keys

My question is in general but related to Oracle DB. I have a single table with different companies as rows. Each row has company id and company registration number. I would like to encrypt company registration number, but I want to encrypt each…
ZEE
0 votes, 1 answer

Windows Server: Import HSM-backed certificate into second server

Scenario: Using Amazon CloudHSM with CloudHSM Windows Client installed and configured. Created CSR for a Code Signing certificate with certreq.exe and provider Cavium Key Storage Provider. Submitted CSR for signing to CA Accepted signed…
MikeJansen