On Thu, Oct 17, 2013 at 6:04 AM, Gervase Markham <[email protected]> wrote:

> On 17/10/13 00:07, Phillip Hallam-Baker wrote:
> > Each HSM vendor has their own security controls but a FIPS140 level 4
> > device won't release them except to another FIPS-140 device. There is no
> > way to extract the key from the system unencrypted.
>
> Phil: what prevents a government just turning up with such a device and
> saying "copy your private key into here, please"?
>
> Gerv
>

They can do that but it would require the new device to be first
credentialed into the correct cryptographic device group. The vendors all
have roughly the same scheme but the nomenclature changes.

This type of attack is of course the one that Ben Laurie and co are trying
to defeat.

I wrote the following draft in an attempt to formalize the model of
hardening systems against PRISM-class attacks.

http://tools.ietf.org/html/draft-hallambaker-prismproof-trust-00


We cannot completely prevent this type of attack but Transparency does
increase the Social Work Factor over time.

-- 
Website: http://hallambaker.com/
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
