> Anyway, if you have really serious SSL security
> requirements, this is the kind of stuff you have to use.
> You can't do it with pure software.
Hmm. So I end up with a slow computer which very few people
have reviewed the design of, that I still have to physically
secure, and this is supposedly better and more secure?
Why is this better than appropriately secured "pure software"?
First of all, the computer isn't slow. The Ncipher box that I'm
using can do 300 RSA signatures (1024 bit) per second. That's
at least 5x faster than the Ultrasparc workstation it's plugged into.
Many people use it simply as an accelerator, rather than a security
enhancer.
Secondly, the devices have undergone very tough security review. The
Ncipher CA is certified at FIPS 140-1 level 3 and the IBM 4758 is
certified at level 4. This means they are built to withstand just
about any attack that the test lab could think of, hardware or
software, and not reveal any secret bits. General purpose computers
make no attempt at all at keeping their contents secret from hardware
attacks. If somebody at your hosting facility makes a copy of your
system backup tapes, he has your keys and/or database. (The
application I'm working on keeps the database encrypted).
On general principles, if something like an encryption key is to be
considered really secret, it can't be on any medium where it can be
copied from. It can't be on disk or on a floppy or a piece of paper
or in someone's mind (like a passphrase). It has to be generated
inside a piece of secure hardware and used there and there can't be
any way to get it out except under extremely controlled conditions for
backup purposes, and even then, it never gets out as cleartext.
It's exported for backup in encrypted form so that it can only
be decrypted by other secure hardware.
Anyway, this is total overkill for most applications and I'm by no
means recommending that most people should be using such stuff. But
the question was about what "industry best practices" were, and as far
as I can tell, this is the kind of gear that banks and brokerages are
using to protect data that, if compromised, could wreak havoc costing
not just millions, but potentially billions (10**9's) of dollars. (If
you know of something better, please tell me).
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
