If you’re running sensitive applications and workloads in the cloud and they require encryption, your security policy or compliance mandates will probably require you to secure those keys in a Hardware Security Module (HSM). In this blog James Park-Watt, Automation and Monitoring Engineer at UKCloud, talks about the security challenges cloud brings and how HSMs can help ensure your workloads remain fully protected.
The modern internet is a dangerous place. I once heard the analogy that if the internet was a city it would all be the bad part of town. Being connected to a decentralised public network can bring great benefits, however it doesn’t come without its risks. System administrators are constantly having to change behaviours and implement new technologies to combat an ever-increasing portfolio of new threats that seek to disrupt or extort indiscriminately. Given that, at any given moment the probability of being compromised approaches 1.0, not only are technical staff required to do everything in their power to prevent a compromise from taking place, they’re also required to mitigate the impact of a compromise when it does happen.
Unsurprisingly, one of the most well-known and widely deployed mitigations is encryption. The rationale being that if your data is stolen, without the decryption keys that data is useless. You can therefore expect, with a high degree of confidence, that your secrets will remain secret. Depending on the implementation this may be true, however encryption is not foolproof. There are many documented examples of how encryption can be weakened or bypassed entirely. Even the most noteworthy protocol, TLS, needs to be regularly reviewed to remain secure. Fortunately, the Internet Engineering Task Force (IETF) do some great work maintaining the TLS standard, providing a robust, compatible, easily deployable encryption protocol for engineers and administrators to use.
I just want to pick up on that easily part. You don’t need to search very hard to find a seemingly unlimited number of tutorials going through the detail of how to generate and use these encryption keys in various applications. In the case of HTTPS even your certificate provider themselves will provide an easy to follow tutorial to generate an RSA/EC key, use it to create a certificate request for submission and processing: hey presto encryption. However, an overwhelming majority of these tutorials suffer from a common problem. They instruct the user to generate an encryption key and save it to disk.
Before I continue with why this is an issue, I want to go into a little more detail of what an encryption key does. I’ll continue with the HTTPS scenario as it will be the most familiar to most users. However, keep in mind the same issues are present wherever encryption keys are used, and this problem is not specific to web servers. When encryption is deployed on a website, it is done so using a digital document known as a certificate. Contained within this certificate is some information about the entity it’s associated with, a public key and a digital signature from the certificate issuer. Therefore, a web server that presents this certificate can be authenticated using a pre-installed trusted root certificate contained within the user’s browser. Ultimately the certificate authority has certified that the public key, used in conjunction with the domain name specified in the certificate, is trusted. Or more specifically anybody that holds the private part of the public key contained within the certificate is trusted.
A sensible conclusion is that, to prevent hackers from impersonating your website, this private key needs to be protected. It is this key management step that is often overlooked yet is an important part of security compliance. Key management can take many forms. Certifications and features vary depending on the use case it’s intended to be used with. I want to talk about some of the benefits of using Hardware Security Modules (HSMs).
An HSM is a hardware device purposefully designed to implement cryptographic key material lifecycle policies. The principle is simple: it allows for applications to consume key material to be used for encryption, decryption, signing and verification. Without ever disclosing the key. Depending on your security requirement HSMs are available to conform with standards such as FIPS 140-2 and common criteria among others.
HSMs will generally facilitate following areas of key management:
Encryption keys are generated on the device. Keys are therefore protected from the moment they are created all the way through to when it is destroyed.
HSMs can distribute keys where necessary to facilitate high availability and high throughput applications. This is performed through a secure channel.
Keys are stored in secure cryptographic modules. It’s common for these modules to be tamper-resistant with some even triggering a complete destruction of the key material when when an attempt to tamper with it is detected.
It’s essential for any long-lived key to have some kind of backup mechanism to protect it from accidental destruction of the key material. Data that has been encrypted with lost cryptographic keys is unrecoverable and may have a significant impact.
Accountability and Audit
HSMs enforce the identification of users before key material can be accessed or controlled. This greatly assists in the detection of applications attempting to use key material to which it does not have access.
Hopefully this blog highlights some of the benefits of HSMs. UKCloud currently uses HSMs internally on the platform and is now gathering feedback to understand customer demand for an HSM as a Service offering. Please get in touch by sending us your feedback at firstname.lastname@example.org