OpenHSM: An Open key life cycle protocol for Public Key Infrastructure's Hardware Security Modules
Add to your list(s)
Download to your calendar using vCal
If you have a question about this talk, please contact Saar Drimer.
The private keys used in a PKI are its most important asset. Protect these keys from unauthorised use or disclosure is essential to secure a PKI . Relying parties need assurances that the private key used to sign their certificates is controlled and managed following pre-defined statement policy. Hardware Security Modules (HSM) offer physical and logical protection and should be considered for any PKI deployment. The software that manages keys inside an HSM should control all life cycle of a private key. Normally this kind of equipment implements a embedded
key management protocol and this protocols are not available to public scrutiny due to industrial interests. Other important issue is that HSMs are targeted in their development to the Bank industry and not to PKI , making some important PKI issues, like, strict key usage control and a secure auditing trail, play a secondary role. This paper presents an open protocol to securely manage private keys inside HSMs. The protocol is described, analysed and discussed.
Link to the paper:
http://www.cl.cam.ac.uk/users/jem74/europki-2007.pdf
Paper continuing the idea:
http://www.cl.cam.ac.uk/users/jem74/sbseg2007.pdf
This talk is part of the Computer Laboratory Security Group meeting presentations series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
|
![[Search]](https://talks.cam.ac.uk/images/search.gif?1209136071)
|![[A-Z Index]](https://talks.cam.ac.uk/images/az.gif?1209136071)
|![[Contact]](https://talks.cam.ac.uk/images/contact.gif?1209136071)
![[University of Cambridge]](https://talks.cam.ac.uk/images/identifier2.gif?1209136071){kind=small}
![[Talks.cam]](https://talks.cam.ac.uk/images/talkslogosmall.gif?1209136071)
Friday 22 June 2007, 16:00-16:30