Re: [openssl-users] OpenSSL engine and TPM usage.
Hi Jayalakshmi, Is your implementation OSS or intellectual property? If it is OSS can you please provide the URL? Regards, Freemon On Wed, Oct 25, 2017 at 1:06 PM, Jayalakshmi bhat < bhat.jayalaks...@gmail.com> wrote: > Hi All, > > Our device uses TPM to protect certificate private keys. We have written > engine interface to integrate TPM functionality into OpenSSL. Thus TPM gets > loaded as an engine instance. > Also we have mapped RSA operations to TPM APIS as like > encryption/decryption etc. > > Now we are into few issues. there are few applications that wants to use > application specific identity certificate. In such cases RSA APIs should > not get mapped to TPM APIs. > > I wanted to know when we use engine instance for encyrption/decryption > operation, can it be done selectively? > > Regards > Jayalakshmi > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > > -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OpenSSL engine and TPM usage.
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Michael Richardson > Sent: Wednesday, October 25, 2017 18:37 > > Jakob Bohmwrote: > > > Please beware that many TPM chips were recently discovered to contain a > > broken RSA key generation algorithm, so public/private key pairs keys > > to be stored in the TPM should probably be generated off-chip (using > > the OpenSSL software key generator) and imported into the chip, > > contrary to what would have been best security practice without this > > firmware bug. > > wow, further evidence that everything needs an upgrade path. Specifically, it's devices using Infineon chips. AIUI, that includes most TPMs and many HSMs, but not, for example, the NitroKey HSM. The researchers who documented the problem, which they've named ROCA, have a site for it: https://crocs.fi.muni.cz/public/papers/rsa_ccs17 They aren't describing the exact nature of the issue yet (at least the last I checked), but it has something to do with the RSA primes having a structure that lets attackers greatly speed factoring. I can imagine a number of optimizations if you know enough about the structure of the primes. They've provided a Python program that can identify problematic keys with high probability, and it's available as a web service, etc. The program doesn't reveal what the mystery structural issues are; it seems to be a Bloom filter that's been trained to identify vulnerable keys (which is pretty interesting in itself). All that's just based on a pretty cursory look, though, so I may be wrong. Michael Wojcik Distinguished Engineer, Micro Focus -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OpenSSL engine and TPM usage.
On 10/26/2017 3:33 AM, Michael Ströder wrote: Michael Richardson wrote: Jakob Bohmwrote: wow, further evidence that everything needs an upgrade path. From the viewpoint of hardware vendors the upgrade path is selling new hardware. It's simply like that. Not very sustainable... All the TPMs I know of have the ability to do a "field upgrade". They can accept vendor signed firmware updates. In fact, the newer ones can switch between TPM 1.2 and the new TPM 2.0 API. No need to touch the hardware. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OpenSSL engine and TPM usage.
In message
Re: [openssl-users] OpenSSL engine and TPM usage.
Michael Richardson wrote: > > Jakob Bohmwrote: > >> I wanted to know when we use engine instance for encyrption/decryption > >> operation, can it be done selectively? > > > Please beware that many TPM chips were recently discovered to contain a > > broken RSA key generation algorithm, so public/private key pairs keys > > to be stored in the TPM should probably be generated off-chip (using > > the OpenSSL software key generator) and imported into the chip, > > contrary to what would have been best security practice without this > > firmware bug. > > wow, further evidence that everything needs an upgrade path. From the viewpoint of hardware vendors the upgrade path is selling new hardware. It's simply like that. Not very sustainable... Ciao, Michael. smime.p7s Description: S/MIME Cryptographic Signature -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OpenSSL engine and TPM usage.
Jakob Bohmwrote: >> I wanted to know when we use engine instance for encyrption/decryption >> operation, can it be done selectively? > Please beware that many TPM chips were recently discovered to contain a > broken RSA key generation algorithm, so public/private key pairs keys > to be stored in the TPM should probably be generated off-chip (using > the OpenSSL software key generator) and imported into the chip, > contrary to what would have been best security practice without this > firmware bug. wow, further evidence that everything needs an upgrade path. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works| network architect [ ] m...@sandelman.ca http://www.sandelman.ca/| ruby on rails[ signature.asc Description: PGP signature -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OpenSSL engine and TPM usage.
On 25/10/2017 19:06, Jayalakshmi bhat wrote: Hi All, Our device uses TPM to protect certificate private keys. We have written engine interface to integrate TPM functionality into OpenSSL. Thus TPM gets loaded as an engine instance. Also we have mapped RSA operations to TPM APIS as like encryption/decryption etc. Now we are into few issues. there are few applications that wants to use application specific identity certificate. In such cases RSA APIs should not get mapped to TPM APIs. I wanted to know when we use engine instance for encyrption/decryption operation, can it be done selectively? Please beware that many TPM chips were recently discovered to contain a broken RSA key generation algorithm, so public/private key pairs keys to be stored in the TPM should probably be generated off-chip (using the OpenSSL software key generator) and imported into the chip, contrary to what would have been best security practice without this firmware bug. Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users