[Cryptography] HSM's to be required for Code Signing Certificates

Peter Gutmann pgut001 at cs.auckland.ac.nz
Sat Jan 28 01:35:47 EST 2017


Ron Garret <ron at flownet.com> writes:

>Unless the HSM has its own I/O, like this one:
>
>https://sc4.us/hsm
>
>When asked to sign, the SC4-HSM displays the hash to be signed on the built-
>in display and waits for the user to confirm by pressing a button on the HSM.

Excluding Radar O'Reilly attacks, that would actually do a pretty good job,
mostly because of the user button that requires a physical action to generate
the sig, removing the single biggest flaw of HSMs as crypto yes-boxes.

Unfortunately since it's neither FIPS 140-2 level 2 with a Windows CSP nor a
cloud, it's not secure enough to meet Microsoft's requirements.

(Uhh, did I mention "security by press release" before? :-).

Peter.


More information about the cryptography mailing list