The Community for Technology Leaders
RSS Icon
Issue No.03 - May-June (2013 vol.11)
pp: 77-80
Benedikt Koppel , ETH Zurich
Stephan Neuhaus , ETH Zurich
Analysis of a hardware security module (HSM) revealed two flaws that could lead to security problems. The first involved key deletion; the second involved unauthorized members of a group of HSMs. Neither flaw is probably fatal, if organizations develop organizational ways to work around it. However, for organizations to apply the solutions, they must be aware of the flaws.
separation of duties, systems security, hardware security module, HSM, cryptography, high availability
Benedikt Koppel, Stephan Neuhaus, "Analysis of a hardware security module's high-availability setting", IEEE Security & Privacy, vol.11, no. 3, pp. 77-80, May-June 2013, doi:10.1109/MSP.2013.56
1. A. Lee, M.E. Smid, and S.R. Snouffer, Security Requirements for Cryptographic Modules, FIPS (Federal Information Processing Standard) PUB 14-2, US Nat'l Inst. of Standards and Technology, May 2001; www.nist.govmanuscript-publication-search.cfm?pub_id=902003.
2. PKCS #11 v2.30: Cryptographic Token Interface Standard, RSA Laboratories, Apr. 2009;
3. Cryptography Reference, Microsoft, 2013;
4. Cryptography API: Next Generation, Microsoft, 2013; windows/desktopaa376210%28v=vs.85%29.aspx.
5. Java Cryptography Architecture (JCA) Reference Guide for Java Platform Standard Edition 6, Oracle, 2011; guides/security/cryptoCryptoSpec.html.
6. Archive: Java Cryptography Extension 1.2.2, Oracle, 2013;
736 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool