HSM outage causes root CA key loss
Jeffrey I. Schiller
jis at mit.edu
Tue Jul 14 11:57:53 EDT 2009
----- "Peter Gutmann" <pgut001 at cs.auckland.ac.nz> wrote:
> I haven't been able to find an English version of this, but the
> following news item from Germany: ...
It is exactly for this reason that when we generated the root key for
the U.S. Higher Education PKI we did it outside of an HSM and then
loaded it into two HSMs. The "raw" key was then manually secret shared
accross five CD's (three being the quorum) which were distributed to
five individuals for safe keeping. Because CD's have 700 Mb of storage
and the share secret is tiny, literally thousands of copies of it were
written on each CD along with the source code of the secret sharing
software (written in Python).
In theory every few years we are supposed to take out the CD's and
verify that they can be read. It's probably time to do that now :-)
Because of prior experience with a SafeKeyper(tm) (a very large HSM),
I learned that when the only copy of your key is in an HSM, the HSM
vendor really owns you key, or at least they own you!
--
========================================================================
Jeffrey I. Schiller
MIT Network Manager
Information Services and Technology
Massachusetts Institute of Technology
77 Massachusetts Avenue Room W92-190
Cambridge, MA 02139-4307
617.253.0161 - Voice
jis at mit.edu
========================================================================
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list