[149159] in cryptography@c2.net mail archive
Re: [Cryptography] HSM's
daemon@ATHENA.MIT.EDU (Tony Arcieri)
Tue Jan 21 02:53:11 2014
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <r422Ps-1075i-72B6A53C41B149EB8BDC70C3116362F0@Williams-MacBook-Pro.local>
From: Tony Arcieri <bascule@gmail.com>
Date: Mon, 20 Jan 2014 16:03:48 -0800
To: Bill Frantz <frantz@pwpconsult.com>
Cc: Cryptography Mailing List <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============6946558983379639494==
Content-Type: multipart/alternative; boundary=bcaec51d2eb84f720904f06fbf14
--bcaec51d2eb84f720904f06fbf14
Content-Type: text/plain; charset=ISO-8859-1
On Sun, Jan 19, 2014 at 10:54 AM, Bill Frantz <frantz@pwpconsult.com> wrote:
> There seem to be at least three approaches to the problem: (1) Split the
> key into enough pieces that a single rogue HSM can't compromise security.
> (2) Isolate the HSM(s) such that they can't communicate the key or perform
> rogue signatures. (3) Require signatures from all the HSMs for validity.
>
Just want to say I love #3: multisignature trust, because it completely
decentralizes the problem and no one machine ever has to reassemble a
master secret.
--
Tony Arcieri
--bcaec51d2eb84f720904f06fbf14
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote">On S=
un, Jan 19, 2014 at 10:54 AM, Bill Frantz <span dir=3D"ltr"><<a href=3D"=
mailto:frantz@pwpconsult.com" target=3D"_blank" onclick=3D"window.open('=
;https://mail.google.com/mail/?view=3Dcm&tf=3D1&to=3Dfrantz@pwpcons=
ult.com&cc=3D&bcc=3D&su=3D&body=3D','_blank');r=
eturn false;">frantz@pwpconsult.com</a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div class=3D"im"><span style=3D"color:rgb(3=
4,34,34)">There seem to be at least three approaches to the problem: (1) Sp=
lit the key into enough pieces that a single rogue HSM can't compromise=
security. (2) Isolate the HSM(s) such that they can't communicate the =
key or perform rogue signatures. (3) Require signatures from all the HSMs f=
or validity.</span></div>
</blockquote><div><br></div><div>Just want to say I love #3: multisignature=
trust, because it completely decentralizes the problem and no one machine =
ever has to reassemble a master secret.</div><div>=A0</div></div>-- <br>
Tony Arcieri<br>
</div></div>
--bcaec51d2eb84f720904f06fbf14--
--===============6946558983379639494==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============6946558983379639494==--
