Timeline for answer to What advantage do hardware tamper-resistance provide in HSM? by garethTheRed
Current License: CC BY-SA 4.0
Post Revisions
3 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| 2 days ago | comment | added | user1641237 | I think my key question is "when physical anti-tampering starts to matter, then the attacker is already in a position to use the HSM as an oracle, so whether the attacker can extract raw keys in addition to using them over an oracle interface doesn't sound like much a difference". | |
| 2 days ago | comment | added | user1641237 | Okay, but if all we need is tamper-evidence then a cheap $500 server box locked in a metal enclosure over an Ethernet link provides the same functionality... If the attacker can wield angle grinders in the server room to cut the enclosure, then they can surely remove an HSM from the room altogether and use it elsewhere at their leisure, no? If they can't, then all they do is still talk over the command interface. | |
| 2 days ago | history | answered | garethTheRed | CC BY-SA 4.0 |