Why We Need Hardware Security Modules (HSMs)

HSM stands for Hardware Security Module, a piece of hardware where some cryptographic operations can be securely performed.

What is an HSM? What is it good for? And why do we need it?

This is what we will explain in what follows.

What is an HSM

An HSM is a hardware system that keeps cryptographic key “in a safe place”, meaning that it can resist tampering and various attacks. Additionally, an HSM usually provides crypto processing and cryptographic operation as well as random number generation (RNG) or physical unclonable functions (PUF). In the common terminology, an HSM is an electronic card connected to a mainboard and usually enclosed by a box and have the shape of a computer server.

HSMs are supposed to host no viruses, no exploit, no malware and they must prevent strongly any unauthorized access.

They are considered to be so safe because they are built using specialized hardware, which hardware is certified in approved laboratories. Their OS is security-focused. They have limited access to the network and finally, they actively hide and protect cryptographic keys and secrets.  

Here are two possible representation of an HSM:

Strictly speaking, a smartcard can be seen as an HSM, small but having all functions of an HSM.

What is an HSM Good at?

HSMs are good at:

• Storing in a secure way cryptographic secrets, symmetric keys, asymmetric private keys, and certificates;
• Generating cryptographic secrets, essentially key pairs that will never be able to leave the secure enclosure of the HSM ( e.g they cannot be exported );
• Providing a secure hash function;
• Providing secure/true Random Number Generation;
• Preventing tamperisation attempts by immediate cryptographic zeroization of the device in case of tampering event;
• Preventing access to memory;
• Resistant to fuzzing and side-channel attacks;
• Managing keys and key import/exports in secure ways.

In other words, HSMs are your trusted companions for anything which is related to cryptography and key management. While, in the context of cryptographic operations,  you can’t really trust operating systems such as Windows or Linux and third-party software, you can (and should) trust HSMs because they have been specially designed for that!

Why We Need HSMs

HSMs can be a pretty expensive piece of hardware. A laptop provided with free encryption software is, in comparison, very cheap so why do we need them?

Some cheaper devices may act as HSM. Some of them are like “standard” PCs and have a very simple anti-intrusion system that will physically destroy the hardware in case the box containing the hardware will be opened and this is their only anti-tampering mechanism. Especially, the cryptographic keys are usually stored in the memory of the device, a standard hard drive with a Linux partition for instance.

Should an intruder manage to steal one of these boxes and open it without triggering the anti-intrusion mechanism which is usually not very hard, the attacker would just have to make a hole in the box with some sharp tools, then it was very easy to grab the hard drive inside and therefore read the cryptographic keys used to cipher and decipher all their communications.

Of course with an HSM, it would have been another story. It is practically impossible to penetrate the secure grid of the cryptographic core of an HSM for example, without triggering an anti-intrusion event, usually, zeroization.

Any organization which is using symmetric encryption cryptography should ask themselves: “where do we store the keys”. If the keys are encrypted, then the problem stays the same: where do they store the KEKs? The keys that encrypt the keys? and so on…

If such keys are stored in “standard” storage such as hard drives, flash memory, etc… then an attacker that will gain access to the device where they are stored will be able to read them and break all the encryption in place.

If the keys are encrypted and decrypted by a program, in whatever programming language it has been written, C, C++, C#, etc… and for whatever target it has been compiled ( Windows/Linux/X86/arm…)  it is always possible to reverse such program and locate the keys.

Many software engineers and many IT specialists are simply unaware of the fact that there is absolutely no protection when a cryptographic key is stored in a program located in a PC (or any similar unprotected machine). In other terms, it is almost like displaying the key publically!

There are disassemblers able to fully reverse programs into assembly code like for instance the Interactive Disassembler  IDA pro and decompilers able to reverse assembly code to original source code like Hex-Rays.

These programs are extremely sophisticated and allow, for example, breakpoints and debugging, even if the target program does not contain debug symbols.

It is always possible to “hide” the keys in secret partitions, which themselves can be ciphered by keys located elsewhere etc… It is possible to split the keys into plenty of small pieces scattered in every place and hidden using steganographic techniques.

It is eventually possible to combine all this with obfuscation and indeed this will create a real puzzle making the task of locating the keys a very painful task.

Yet, some people like solving puzzles and there are more techniques that can defeat such countermeasures like spying interprocess communication, temporarily files and RAM memory. Combined to disassembler and decompiler and deobfuscator, attackers are still able – maybe after several months of efforts – to read the keys.

As a concrete illustration of the damages of what IDA Pro and Hex-Rays can do, here are the partial results of some real security analysis done against a supposedly desktop security program that was interacting with a smartcard where keys were ciphered … Hex-Rays was still able to reconstruct pieces of the encryption code into C pseudo-code (here the keys and name are removed for confidentiality reasons )

After the analysis, it was finally possible to reconstruct the 3DES keys which were supposed to be totally protected.

Again, if the program which was interacting with the smartcard was an HSM, it would not have been possible to break the encryption.

Similar attacks can be performed against programs that operate outside HSMs, allowing tampering with cryptographic operations, scanning RAM to locate keys or modifying values to change the result of cryptographic operations, etc.

An HSM truly separates cryptographic operation from the rest of the “normal” business operation in a company and defines a trusted and secure zone where such operations can be done in confidence of not been attacked. By themselves, the “common” cryptographic libraries such as OpenSSL, or the Microsoft crypto APIs provide poor key isolation. Even the latest CNG (“Next Generation” Crypto) while it provides better key isolation and separate processes, cannot be compared with what provides an HSM.

Besides, HSM is much more than just “protected” memory and anti-tampering hardware, they also provide security software and firmware ( not the “common” operating systems), strong conditional access, etc.

Conclusion: HSMs are not “gadgets” used for decoration…they are really useful. In other terms there cannot be anyways to seriously protect an information system without them, hence we definitely and desperately need them.

Acodez is a leading website design and software development company in India. We offer all kinds of web design and web development services to our clients using the latest technologies. We are also a leading digital marketing company providing SEO, SMM, SEM, Inbound marketing services, etc at affordable prices. For further information, please contact us.