Overview
- Hardware Security Module in the cloud
- Separation of duties
- AWS operates device but does not have access to key material
- Customer has access the key material
- Certified by 3rd parties (e.g. government agencies)
- Multiple devices
- HSM device may be deployed on-premise (e.g. backup HSM)
- Integrated with CloudTrail
- In 2017/08 new release (old is now CloudHSM Classic)
- Easier provisioning
- Different pricing model (no up-front cost)
- Higher certification (compliance)
Use Cases
- Oracle Transparent Data Encryption (TDE)
- SSL Offloading
- e.g. Apache offloads SSL operations to HSM
- Storing keys for Certificate Authority
- Regulatory or contractual requirements
HSM
- Physical device
- Storage of key material
- Key material never leaves the device
- Crypto operations (e.g. encrypt/sign)
- Storage of key material
- Single tenant (dedicated)
- Tamper detection (key material is wiped out)
- Lives in dedicated CloudHSM VPC
- Has Elastic Network Interface associated
- located in customer VPC (not AWS-owned CloudHSM VPC)
- same AZ
- Has Elastic Network Interface associated
HSM User
- Most operations require authentication
- User Types
- Precrypto Officer (PRECO) - temporary (default password). Becomes CO
- Crytpto Office (CO) - user management (control plane)
- Crypto User (CU) - key management + crypto operations (data plane)
- Appliance User (AU) - cloning, synchronization (used by AWS)
- Quorum Authentication (M of N)
- 2 or more HSM users required to perform an operation
Cluster
- Collection of HSM devices (1-28)
- Use cases
- High Availability
- Throughput (load balancing)
- Keys are synchronized between devices
- Initialization
- Retrieve CSR
- Create private key
- Sing CSR
Client
- CloudHSM Client
- Mutual authentication (client <-> HSM)
- Certificate based
- Runs on any instance that can connect to HSM ENI
- Not only EC2
- Lives in different VPC than HSM
- All other consumers go through that client
- Mutual authentication (client <-> HSM)
- Protocols
- Java JCA/JCE (Java Cryptography Architecture/Java Cryptography Extensions)
- PKCS#11 (programming interface)
Backup
- Natively supported
- Scheduled/on-demand
- Restore to cluster
- Backed-up
- Key material
- Users
- Configurations
- Stored in Bucket (AWS owned)
- Encrypted based on embedded key
HSM vs. KMS
- HSM total control but requires management (e.g. access control)
- KMS designed for the cloud (scalability, durability, performance) - easier to use
- Integrated with other services
- Access controlled through policy
- Allows envelope encryption
- Easier key-rotation: enough to re-encrypt the data key - not entire data set
HSM vs. TPM
- TPM is a chip on motherboard (often on laptops)
- Used for disk encryption as "root of trust"
- Integrity authentication for boot process
- Includes unique RSA key burnt into it
- Used for disk encryption as "root of trust"
- HSM is added as external device
- Smaller devices can be put on corporate ID badge
- performs sign/encrypt on the device
Key Hierarchy approach to encryption
- Single Master Key used to encrypt Data Key
- Encrypted Data Key stored along with ciphertext
- Benefits
- Easier to protect single (master) key, e.g. KMS/HSM
- Segmentation of data that is protected (different data keys)
References
No comments:
Post a Comment