Today, crypto-operations are becoming an extraordinarily important asset for modern banking and modern financial institutions in general.
To secure these crypto-operations, HSMs are fundamental. But HSMs are usually very costly machines. They require also important maintenance and specially trained operators or programmers to interface them.
Buying an HSM is therefore not a decision to be taken lightly. Many things must be considered in advance such as:
Once all the questions of this checklist have been answered, it is possible to understand that HSM will have an optimal usage in your organization, at a smaller cost, and for a maximal duration.
Table of Contents
Is the HSM able to operate as a partitioned HSM if needed? Not all HSMs are able to offer HSM virtualization which uses hardware partitioning or cloud-based cryptoserver. This requires a relatively modern design and a slightly sophisticated software approach.
Virtualization with HSM is known to allow in some environments, drastic cost reductions simply because sometimes several old physical HSMs can be replaced by an equivalent number of virtualized HSMs based on a unique physical HSM.
Recall also that in many cases old HSMs are interfaced via PKCS#11. PKCS#11 is a high-level abstract API specification that allows interfacing cryptographic tokens, especially HSMs. PKCS#11 sees token ‘at a logical level’ and makes no difference whether they are virtualized or not. Therefore, moving from an old non-virtualized HSM to a new virtualized HSM has no impact in terms of PKCS#11 software.
Cryptographic speed is an essential factor when considering buying a new HSM. Crypto-operations are more and more demanding and require more and more intensive calls to primitives such as AES, RSA, ECC, or SHA-256 for instance.
When considering the payment networks, for example, the VISA PIN translation per second (PTS) is a good measure of how fast an HSM can perform.
That value will typically range from a few hundred to values such as 10,000. Besides this, other speeds such as time required to perform the following operations are of importance:
In general, given the ever-increasing demand for cryptographic operations in a modern banking environment, it is best to ensure that the HSM will have sufficient crypto-power, not only for the current applications but for any future one. This will avoid ‘piling up’ news HSMs to supply a too-weak machine.
Knowing how much crypto-power is needed is therefore fundamental to secure the right HSM for the long term. HSMs don’t exactly obey Moore’s law, but they certainly have laws of their own, and so it is better to be prepared to have to consume three times more crypto-power in the next years than now.
If the HSM is able to virtualize, then you probably can ‘play’ with that and scale the rapport power/number in a relatively smart way without having to care about buying a new HSM.
That question may appear to be slightly out of cryptographic interest but some have been shocked by the recent trend to see established companies in the cryptographic and security world becoming suddenly bought by other, larger companies, with identical and similar products.
As a result, these products do not always stay alive, they die prematurely and are to be replaced by the products of the winning company. Since not all contracts are equal and not all customers have the right guarantee, one may suddenly end with prematurely phased out products, deprecated, without the support, and replaced by different products that may even not suit your needs.
Therefore, it is always a good question to buy from a vendor that has a reputable and long tradition of maintaining a stable line of products.
Crypto-agility is a modern and essential concept. In essence, it is based on what the military and defense people knew for a long time: no crypto is 100% safe and what is safe now is the cracked algorithm of tomorrow.
Think how the DES (Data Encryption Standard) was supposedly a very robust and totally secure algorithm until it became clear it could be cracked simply because microprocessors became so cheaper that a DES cracking machine could be built at a relatively affordable cost.
The triple-DES is now being actively phased out and is officially deprecated by NIST. Hashing algorithms such as MD5 or SHA-1 have also been cracked once they appeared as very secure before.
Besides, with the arrival of quantum crypto, there is a growing ‘fear’ that many of the asymmetric algorithms, especially the RSA algorithm, won’t be safe at all.
An HSM should be able to deal with potentially some new post-quantum crypto schemes such as Crystal-Kyber, Crystal-Dilithium, McEliece cryptosystem, Chacha20, and others.
When considering buying a new HSM, simply one must ask that question: it is crypto-agile? Does this mean that HSM is able to move from a compromised algo to a newer algo without hassle and pain?
Buying a crypto-agile HSM means that you won’t have to trash it and replace it with a new one when your preferred encryption scheme becomes finally cracked.
Banks must obey requirements from various norms. One very important norm is the PCI-DSS norm which dictates a certain number of rules for banks that want to operate transactions inside the card payment network.
A recent upgrade of the PCI PTS HSM norm (version 3) mandates bank and financial organizations to implement key blocks at various deadlines, depending on the role that they play.
The key block requirement goes like this:
“Per PCI PIN Security Requirements, Requirement 18-3, “Key Blocks,” encrypted symmetric keys must be managed in structures called Key Blocks. The key usage must be cryptographically bound to the key using accepted methods, such that it must be infeasible for the key to be used if the usage attributes have been altered.”
Not all the HSMs are able to deal with key blocks as defined by ASC TR-31 (what the PCI norm requires), some use a proprietary closed key block schema which is not compliant.
Having an HSM which is PCI PTS v3 compliant is certainly a guarantee to be able to use it for a long time.
With the apparition of ‘modern banking’, including open banking as per the PSD2 directive, the technical landscape of banks is moving slowly from a rigid monolithic environment (often made of mainframes) to a more fluid and agile landscape with cloud computing, private clouds, and hybrid environments.
It is therefore important to check if the new HSM will be able to adapt itself to potentially new interfaces, web services, open APIS, etc. which may involve interfacing cloud-based key managers for instance.
Finally, it’s no more a taboo to speak openly that even the HSMs themselves have vulnerabilities. Some HSMs have been found with important PKCS#11 vulnerabilities that could allow attackers, including insiders with small privileges, to gain access to important secrets and endanger the security of the bank or financial organization.
Some remote access to HSM also has been exposed as vulnerable as well as the ability to check the validity of PIN codes through unsecured HSM interfaces.
Recall that hackers are often seasoned engineers with a serious background in cryptography or IT security that has gone rogue for several reasons and that, unfortunately, they may even be bank insiders.
An HSM must be able to protect itself from all these attacks, especially by implementing strict rules when it comes to management (shared secrets, dual control, etc)
There are many points to consider when checking which HSM can secure a long term relationship with your organization. We hope we provided some useful guidelines to help you make a good choice and future-proof your payment HSM estate!
Acodez is a renowned website development and web design company in India. We offer all kinds of web design and web development services to our clients using the latest technologies. We are also a leading digital marketing company providing SEO, SMM, SEM, Inbound marketing services, etc at affordable prices. For further information, please contact us.
Contact us and we'll give you a preliminary free consultation
on the web & mobile strategy that'd suit your needs best.
What is an Encrypted Virus – Its Threats and Countermeasures?Posted on Dec 29, 2020 | Cyber Security