Hardware Security Modules
- 2.8k Downloads
Hardware Security Modules/(HSMs), also known as Tamper Resistant Security Modules (TRSMs), are devices dedicated to performing cryptographic functions such as data encryption/decryption, certificate management and calculation of specific values such as card verification values (CVVs) or Personal Identification Numbers (PINs). What these devices offer is tamper response, the capability to detect any attacks on their surface and securely delete the sensitive content stored in their memory. Such devices are manufactured to meet specific criteria [e.g. Federal Information Processing Standard (FIPS)] and must be appropriately managed throughout their whole lifecycle. Together with encryption algorithms, cryptographic functions and vendor provided functionalities, they host one or more cryptographic keys that respond to automated or manual commands. Physical security and key management are essential in order to protect the confidentiality and integrity of the keys and these requirements are properly described in various standards. Due to the specific functionality of HSMs, there have been many published attacks via the command interface, which reinforces the need for adequate controls, both physical and logical, around these devices.
KeywordsApplication Programming Interface Security Requirement Message Authentication Code Personal Identification Number Side Channel Attack
- 1.“Payment card industry PIN Security Requirements”, version 1.0, September 2011.Google Scholar
- 2.ISO 9564–1, “Financial services - Personal Identification Number (PIN) management and security - Part 1: Basic principles and requirements for PINs in card-based systems”, 2011.Google Scholar
- 3.ISO 9797–1, “Information technology - Security techniques - Message Authentication Codes (MACs) - Part 1: Mechanisms using a block cipher”, 2011.Google Scholar
- 4.ANSI X9.24-1, “Retail Financial Services Symmetric Key management, Part 1: Using Symmetric Techniques”, 2009.Google Scholar
- 5.ISO 13491–1, “Banking - Secure cryptographic devices (retail), Part 1: Concepts, requirements and evaluation methods”, 2007.Google Scholar
- 6.ISO 13491–2, “Banking - Secure cryptographic devices (retail), Part 2: Security compliance checklists for devices used in financial transactions”, 2005.Google Scholar
- 7.FIPS 140–2, “Security Requirements for Cryptographic Modules”, 2001, with some updates in December 2002.Google Scholar
- 8.“Common Criteria for Information Technology Security Evaluation”, see http://www.commoncriteriaportal.org/.
- 9.“Payment card industry (PCI) Hardware Security Module (HSM) Security Requirements”, version 1.0, April 2009.Google Scholar
- 12.“Payment card industry (PCI): POS PIN Entry Device, Security Requirements”, version 2.1, January 2009.Google Scholar
- 13.“PIN Security Program: Auditor’s Guide", version 2, January 2008, see http://usa.visa.com/download/merchants/visa_pin_security_program_auditors_guide.pdf.
- 14.ANSI X9.17, “Financial institution key management (wholesale)”, 1985.Google Scholar
- 15.ANSI X9 TR-31, “Interoperable Secure Key Exchange Key Block Specification for Symmetric Algorithms”, 2010.Google Scholar
- 16.M. Bartolozzo, R. Focardi, M. Centenaro & G. Steel, “Attacking and Fixing PKCS#11 Security Tokens”, ACM Conference on Computer and Communications, Security, 2010, pp. 260–269.Google Scholar
- 17.PKCS#11, “Cryptographic Token Interface Standard”, version 2.20, RSA Laboratories, June 2004.Google Scholar
- 18.R. Anderson, “Why cryptosystems fail”, Proceedings of the 1993 ACM Conference in Computer and Communications Security, pp. 215–227. See also, http://www.cl.cam.ac.uk/users/rja14/wcf.html.
- 19.R. Anderson, “Security Engineering”, (2nd Edition), Wiley, 2008.Google Scholar
- 20.J. Clulow, “The Design and Analysis of Cryptographic Application Programming Interfaces for Security Devices”, version 4.0, M.Sc. Thesis at University of Natal, Durban, South Africa, dated 17 January 2003.Google Scholar
- 21.Y. Desmedt, F. Hoornaert & J.J. Quisquater, “Several Exhaustive Key Search Machines and DES”, EUROCRYPT 86, 1986, pp 17–19.Google Scholar
- 22.R. Clayton & M. Bond, “Experience Using a Low-Cost FPGA Design to Crack DES Keys”, presented at the CHES 2002 Workshop Francisco, 1st August. (http://www.cl.cam.ac.uk/rnc1/descrack/DEScracker.pdf).
- 23.M. Bond & P. Zieliński, “Decimalisation Table Attacks for PIN Cracking”, University of Cambridge Computer Laboratory, Technical Report 560, dated February 2003. (http://www.cl.cam.ac.uk/TechReports/UCAM-CL-TR-560.pdf).
- 24.R. Anderson & M. Bond, “Protocol Analysis, Composability and Computation”; see http://www.cl.cam.ac.uk/rja14/Papers/bond-anderson.pdf.
- 25.Joint USSS/FBI Advisory February 2009, see http://usa.visa.com/download/merchants/20090212-usss_fbi_advisory.pdf.