Nitrokey HSM - Details of DKEK/key-wrapping algorithm, or key import

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Nitrokey HSM - Details of DKEK/key-wrapping algorithm, or key import

Evan Anderson
I recently acquired a Nitrokey HSM for testing for one of my Customers. The
feature-set of the SmartCard-HSM software appears to be quite good and a
nearly perfect fit for my Customer's needs.

My Customer will be signing firmware for a series of embedded control
devices w/ RSA keys. These devices have a planned 15-20 year lifetime in the
field/market (embedded devices attached to very large, very expensive pieces
of machinery with long service lifetimes). Losing access to the firmware
signing key during the device's supported lifetime would be quite bad
(physically recalling the devices and replacing secure SoC devices w/ public
keys stored in on-chip fuse-protected bootloader flash).

While the built-in key backup/restore functionality in SmartCard-HSM looks
quite good, I'm concerned that without details of the
key-wrapping/unwrapping algorithm my Customer could find themselves, in the
future, in a situation where SmartCard-HSM is no longer available for
purchase. I am reticent to simply recommend assuming that the Customer
purchase extra devices to hold in storage and hope that they will remain
functional for 10+ years. My Customer is already accustomed to supporting
devices in the field w/ 15+ year lifetimes, so this concern is a very real
one to them.

Are there details of the DKEK key-wrapping/unwrapping algorithm available
(under NDA and/or for a fee, if necessary) that would enable my Customer to
have confidence that, even if the SmartCard-HSM product were discontinued
and no longer available, they would be able to bring the DKEK shares and
key-backup together to reconstruct their key to load into some new device?

As an alternative to understanding the DKEK key-wrapping/unwrapping
algorithm, is there functionality to import an externally-generated key into
the SmartCard-HSM product? I see a reference here
<http://www.smartcard-hsm.com/features.html#keyimport> but I've reviewed all
the materials I can find publicly, and on the CardContact Developer Network
website, and I am not finding any examples or documentation showing how to
perform this import. On this mailing list, as recently as October 2015
(under the thread "Cannot delete imported private key from SmartCard-HSM") I
am seeing statements that make me think that this import functionality may
have difficulties.

Thank you,
Evan Anderson
Wellbury LLC
Troy, OH, US


------------------------------------------------------------------------------
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: Nitrokey HSM - Details of DKEK/key-wrapping algorithm, or key import

Andreas Schwier (ML)
Dear Evan,

if you register at the CDN [1], then I can enable access to the
SmartCard-HSM SDK which contains a script to decode the wrapped key
container.

Andreas

[1] http://www.cardcontact.de/cdn/about.html

On 12/14/2015 01:00 PM, Evan Anderson wrote:

> I recently acquired a Nitrokey HSM for testing for one of my Customers. The
> feature-set of the SmartCard-HSM software appears to be quite good and a
> nearly perfect fit for my Customer's needs.
>
> My Customer will be signing firmware for a series of embedded control
> devices w/ RSA keys. These devices have a planned 15-20 year lifetime in the
> field/market (embedded devices attached to very large, very expensive pieces
> of machinery with long service lifetimes). Losing access to the firmware
> signing key during the device's supported lifetime would be quite bad
> (physically recalling the devices and replacing secure SoC devices w/ public
> keys stored in on-chip fuse-protected bootloader flash).
>
> While the built-in key backup/restore functionality in SmartCard-HSM looks
> quite good, I'm concerned that without details of the
> key-wrapping/unwrapping algorithm my Customer could find themselves, in the
> future, in a situation where SmartCard-HSM is no longer available for
> purchase. I am reticent to simply recommend assuming that the Customer
> purchase extra devices to hold in storage and hope that they will remain
> functional for 10+ years. My Customer is already accustomed to supporting
> devices in the field w/ 15+ year lifetimes, so this concern is a very real
> one to them.
>
> Are there details of the DKEK key-wrapping/unwrapping algorithm available
> (under NDA and/or for a fee, if necessary) that would enable my Customer to
> have confidence that, even if the SmartCard-HSM product were discontinued
> and no longer available, they would be able to bring the DKEK shares and
> key-backup together to reconstruct their key to load into some new device?
>
> As an alternative to understanding the DKEK key-wrapping/unwrapping
> algorithm, is there functionality to import an externally-generated key into
> the SmartCard-HSM product? I see a reference here
> <http://www.smartcard-hsm.com/features.html#keyimport> but I've reviewed all
> the materials I can find publicly, and on the CardContact Developer Network
> website, and I am not finding any examples or documentation showing how to
> perform this import. On this mailing list, as recently as October 2015
> (under the thread "Cannot delete imported private key from SmartCard-HSM") I
> am seeing statements that make me think that this import functionality may
> have difficulties.
>
> Thank you,
> Evan Anderson
> Wellbury LLC
> Troy, OH, US
>
>
> ------------------------------------------------------------------------------
> _______________________________________________
> Opensc-devel mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/opensc-devel
>


--

    ---------    CardContact Software & System Consulting
   |.##> <##.|   Andreas Schwier
   |#       #|   Sch├╝lerweg 38
   |#       #|   32429 Minden, Germany
   |'##> <##'|   Phone +49 571 56149
    ---------    http://www.cardcontact.de
                 http://www.tscons.de
                 http://www.openscdp.org
                 http://www.smartcard-hsm.com


--

    ---------    CardContact Software & System Consulting
   |.##> <##.|   Andreas Schwier
   |#       #|   Sch├╝lerweg 38
   |#       #|   32429 Minden, Germany
   |'##> <##'|   Phone +49 571 56149
    ---------    http://www.cardcontact.de
                 http://www.tscons.de
                 http://www.openscdp.org
                 http://www.smartcard-hsm.com


------------------------------------------------------------------------------
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel