NCipher Takes Hardware Security To Network Level

Anton Stiglic astiglic at okiok.com
Tue Oct 7 11:54:57 EDT 2003 

----- Original Message ----- 
From: "Peter Gutmann" <pgut001 at cs.auckland.ac.nz>
To: <astiglic at okiok.com>; <cryptography at metzdowd.com>
Sent: Tuesday, October 07, 2003 11:07 AM
Subject: Re: NCipher Takes Hardware Security To Network Level


> "Anton Stiglic" <astiglic at okiok.com> writes:
>
> >This is why you get requirements of the type that it should run on
Windows in
> >single-user mode, which I take to mean have only an admin account.  This
> >prevents privilege escalation attacks (regular user to root) that are
easily
> >done.
> >
> >I think this is reasonable, since you really are relying on the OS and
the PC
> >for the security of the module.
>
> Uhh, so you're avoiding privilege escalation attacks by having everyone
run as
> root, from which you couldn't escalate if you wanted to.  This doesn't
strike
> me as a very secure way to do things (and it would still get MSDOS
certified,
> because you've now turned your machine into a DOS box protection-wise).

Did you read the security policy of Netscape Security Module?  Basically,
if you want to get the configuration that is FIPS 140 certified, you need
to install the module on a PC and add tamper resistant seals over
appropriate
interfaces, junctions and fasteners of all doors and covers in the enclosure
of the PC, so that you can't open the cover without the fact being
physically
noticeable.  I suggest adding some duct tape in strategic positions for
additional
security :).

By reasonable I mean in the framework of having a general purpose software
cryptographic library be certified FIPS.  I'm not saying I find this secure.
When I see a software library being certified FIPS 140, I say to myself it
must
implement the cryptographic algorithms in a descent way, has a descent
random number generator, and stuff like that.  I don`t care much about the
physical boundary that they artificially determine.

If I want high security, I will go with hardware.  At the end of the line,
what
you want to protect is your secret keys, and if you don't have a tamper
resistant
hardware (that zeroizes your secrets when someone tries to poke at it)
to do that it is difficult if not impossible.

--Anton


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list