Arshad Noor writes:
>If you (or anyone on this forum) know of technology that allows the
>application to gain access to the crypto-hardware after an unattended reboot
>- but can prevent an attacker from gaining access to those keys after
>compromising a legitimate ID on the machine - I'd welcome
Hi,
> If you (or anyone on this forum) know of technology that allows the
> application to gain access to the crypto-hardware after an unattended
> reboot - but can prevent an attacker from gaining access to those keys
> after compromising a legitimate ID on the machine - I'd welcome hearing
> abo
> If you (or anyone on this forum) know of technology that allows the
> application to gain access to the crypto-hardware after an unattended
> reboot - but can prevent an attacker from gaining access to those keys
> after compromising a legitimate ID on the machine
This is the conundrum of the of
> All the HSMs I've worked with start their system daemons automatically;
> but the applications using them must still authenticate themselves to
> the HSM before keys can be used. How do the cards you've worked with
> authenticate the application if no PINs are involved?
Sorry, I wasn't clear en
Arshad Noor wrote:
Almost every e-commerce site (that needs to be PCI-DSS compliant) I've
worked with in the last few years, insists on having unattended reboots.
Not only that but many will be multi-node High Availability cluster
systems as well or will be horizontally scaled. This means tha
Arshad Noor wrote:
> to the keys, in order for the application to have access to the keys in
> the crypto hardware upon an unattended reboot, the PINs to the hardware
> must be accessible to the application. If the application has automatic
> access to the PINs, then so does an attacker who mana
Richard Salz wrote:
The cards that I know about work differently -- you configure them to
allow unattended reboot, and then no PIN is involved. This is a little
more secure, in that it requires a conscious decision to do this, as
opposed to sticking the PIN somewhere on the filesystem.
I
> in order for the application to have access to the keys in
> the crypto hardware upon an unattended reboot, the PINs to the hardware
> must be accessible to the application.
The cards that I know about work differently -- you configure them to
allow unattended reboot, and then no PIN is involve
Jerry Leichter wrote:
How
does a server, built on stock technology, keep secrets that it can use
to authenticate with other servers after an unattended reboot? Without
tamper-resistant hardware that controls access to keys, anything the
software can get at at boot, an attacker who steals a c