[Cryptography] HSMs or Intel SGX? Which is harder to hack?

Fri Feb 17 09:33:17 EST 2017

On 17 Feb 2017, at 13:03, Wasa Bee <wasabee18 at gmail.com> wrote:
> On Fri, Feb 17, 2017 at 7:51 AM, Mike Hamburg <mike at shiftleft.org <mailto:mike at shiftleft.org>> wrote:
>> On Feb 16, 2017, Bill Cox <waywardgeek at gmail.com <mailto:waywardgeek at gmail.com>> wrote:
>> 
>> The cost per signature is the main metric for being "practical" in this case.  A 100K/second signature capable HSM that costs $1M would be worse than a 10/second signature capable device that costs $1.  I don't care about FIPS compliance, as it no longer seems well correlated with good security.
> 
> 
> The image of 10,000 smart card readers dangling out of your host gives me a chuckle.
> 
> this company is building a rack full of smart cards to build a cheap HSM with high throughput -  see https://enigmabridge.com/ <https://enigmabridge.com/>
While 10k is a bit much - it is pretty common in some industries to have in the mid 1000’s in something called simbanks, poolGSM or simtrays; typically 128 or 256 cards; often fitting by two per 1U enclosure. 

E.g:

	https://www.alibaba.com/product-detail/YX-256-pool-gsm-sim-card_60571655761.html

While usually used for large GSM gateways or complex dialout (or spoofing/gatewaying things like  bulk WhatsApp / Signal bridges) - most models are quite happy with typical PKCS#15/x509 style simcards and a doddle to integrate with OpenSSL or OpenSC.

It is quite useful if you are doing things like encrypting/signing against some key in backup scenarios; with daily or `per retention policy’ key sets; which you then swap/take offsite on a weekly or so basis - but you do not want key/card PKI swap protocols daily or too regularly. Yet the auditor or regulator wants a single ‘non duplicatable’ key.

Dw

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170217/10c31b60/attachment.html>