Re: The "korean bank" use-case

On 28 Nov 2011, at 14:23, Richard L. Barnes wrote:

>>> AFAICT, this is essentially an improved version of Mozilla's current
>>> JS crypto.  That's fine but IMO it doesn't support security HW
>>> in a way that makes sense to a bank since there is no way you can
>>> assure that keys are stored in HW or SW.
>> 
>> How can you •assure• that in the first place? Surely you’re always just taking the interface’s word for it, even if it claims to provide such guarantees?
> 
> Presumably, this is assured by the fact that the public key is accepted by the remote side?  If the private key is only held in an HSM / smart card, then any crypto operations with that private key are known to be performed within that HSM (assuming that you trust the HSM).

Right, either

a) the private key is generated on the HSM before it's issued to the end-user, and you maintain a copy of the public key; in which case you know — because the keys match — that it's stored in HW, so don’t need an API to tell you that; or

b) the private key is generated on the HSM by the end user and you need an API to attest to that fact, but it could obviously lie.

Now, there might — presumably — be some variation on the theme where the HSM contains a private key whose public key is known to the relying party, and *that* key is used to sign the newly-generated keys, allowing positive confirmation that the key was indeed generated on the HSM (because it won't sign keys which haven't been) — but I honestly don't know if any HSMs do this or not?

M.

-- 
Mo McRoberts - Technical Lead - The Space,
0141 422 6036 (Internal: 01-26036) - PGP key CEBCF03E,
Project Office: Room 7083, BBC Television Centre, London W12 7RJ




Received on Monday, 28 November 2011 14:46:26 UTC
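
The variation raised at the end of the message above (a device-resident key, whose public half the relying party already holds, signing keys generated on the device) is sketched here as an added example that is not part of the original thread. The HSM is simulated in software with Node's built-in crypto module; `SimulatedHsm`, `verifyAttestedKey`, `demo` and the relying party's challenge value are assumptions made for illustration.

```javascript
const nodeCrypto = require('crypto');

// Simulated HSM (hypothetical): private keys live in private fields and are never exported.
class SimulatedHsm {
  #attestationKey;
  #userKeys = new Map();
  constructor() {
    const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
    this.#attestationKey = privateKey;
    this.attestationPublicKey = publicKey; // handed to the relying party in advance
  }
  // The only path that yields an attestation: the key pair is created here, on the
  // device, and the attestation key signs (challenge || new public key).
  // There is deliberately no method that attests an imported key.
  generateAttestedKey(label, challenge) {
    const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
    this.#userKeys.set(label, privateKey);
    const spki = publicKey.export({ type: 'spki', format: 'der' });
    const attestation = nodeCrypto.sign(null, Buffer.concat([challenge, spki]), this.#attestationKey);
    return { spki, attestation };
  }
  sign(label, data) {
    return nodeCrypto.sign(null, data, this.#userKeys.get(label));
  }
}

// Relying party: accept a public key only if the device's attestation key vouches
// for it under the challenge the relying party issued (the challenge is an added assumption).
function verifyAttestedKey(attestationPublicKey, challenge, spki, attestation) {
  return nodeCrypto.verify(null, Buffer.concat([challenge, spki]), attestationPublicKey, attestation);
}

function demo() {
  const hsm = new SimulatedHsm();
  const challenge = nodeCrypto.randomBytes(16);
  const onDevice = hsm.generateAttestedKey('login', challenge);
  // Constructed counter-case: a key generated in software, presented with the same attestation.
  const softwareSpki = nodeCrypto.generateKeyPairSync('ed25519')
    .publicKey.export({ type: 'spki', format: 'der' });
  const message = Buffer.from('constructed sample message');
  const attestedKey = nodeCrypto.createPublicKey({ key: onDevice.spki, format: 'der', type: 'spki' });
  return {
    genuine: verifyAttestedKey(hsm.attestationPublicKey, challenge, onDevice.spki, onDevice.attestation),
    softwareKey: verifyAttestedKey(hsm.attestationPublicKey, challenge, softwareSpki, onDevice.attestation),
    staleChallenge: verifyAttestedKey(hsm.attestationPublicKey, nodeCrypto.randomBytes(16), onDevice.spki, onDevice.attestation),
    signatureOk: nodeCrypto.verify(null, message, attestedKey, hsm.sign('login', message)),
  };
}
```

The relying party's confidence still rests on trusting the device that holds the attestation key, which is the same "assuming that you trust the HSM" condition stated earlier in the thread.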