zardoz99
Posts: 175
Joined: Fri Jan 13, 2012 2:25 pm
Location: Somewhere in Canada.

Re: Raspberry Pi as an HSM?

Fri Mar 30, 2012 10:36 pm

Has anyone considered that, due to its hard soldered PoP/SoC combination, it might make a quite good HSM. It could load the encrypted contents from a LUKS filesystem on the SD card. This would then be unpacked into memory and run from there.

From Wikipedia…

A hardware security module (HSM) is a type of secure cryptoprocessor targeted at managing digital keys, accelerating cryptoprocesses in terms of digital signings/second and for providing strong authentication to access critical keys for server applications. These modules are physical devices that traditionally come in the form of a plug-in card or an external TCP/IP security device that can be attached directly to the server or general purpose computer.

The goals of an HSM are (a) onboard secure generation, (b) onboard secure storage, (c) use of cryptographic and sensitive data material, (d) offloading application servers for complete asymmetric and symmetric cryptography. HSMs provide both logical and physical protection of these materials from non-authorized use and potential adversaries. In short, they protect high-value cryptographic keys.

Just an idea….

SeanD
Posts: 121
Joined: Wed Sep 21, 2011 12:25 am
Contact: Website

Re: Raspberry Pi as an HSM?

Fri Mar 30, 2012 11:24 pm

The problem is that you will be running it in memory on a pretty well known and physically insecure SoC.  However for lower security applications if the RPi was semi potted it would make a good little and inexpensive HSM, certainly good for some dev applications.  Certainly a lot cheaper than the ones we use, but also a lot less performant and secure.

User avatar
Gert van Loo
Posts: 2482
Joined: Tue Aug 02, 2011 7:27 am
Contact: Website

Re: Raspberry Pi as an HSM?

Fri Mar 30, 2012 11:33 pm

Unless, of course, you run it on a unknown and physically secure GPU. (Of course somebody at Broadcom would have to write the code.)

zardoz99
Posts: 175
Joined: Fri Jan 13, 2012 2:25 pm
Location: Somewhere in Canada.

Re: Raspberry Pi as an HSM?

Fri Mar 30, 2012 11:46 pm

As the core is an ARM1176, could the Trustzone functionality be invoked?

SeanD
Posts: 121
Joined: Wed Sep 21, 2011 12:25 am
Contact: Website

Re: Raspberry Pi as an HSM?

Sat Mar 31, 2012 12:15 am

zardoz99 said:


As the core is an ARM1176, could the Trustzone functionality be invoked?


I think we have determined that TrustZone is not available, but you are right with a TSM involved you could provision the TEE and use both TZ as the secure element and also do a lot of the crypto in the TEE.  However the SoC has limited physical protection as even with TZ the SoC is designed to store device/user credentials rather than root keys.

zardoz99
Posts: 175
Joined: Fri Jan 13, 2012 2:25 pm
Location: Somewhere in Canada.

Re: Raspberry Pi as an HSM?

Sun Apr 01, 2012 12:59 am

Oh well, so much for THAT idea...

plugwash
Forum Moderator
Forum Moderator
Posts: 3418
Joined: Wed Dec 28, 2011 11:45 pm

Re: Raspberry Pi as an HSM?

Sun Apr 01, 2012 11:57 pm

zardoz99 said:


Has anyone considered that, due to its hard soldered PoP/SoC combination, it might make a quite good HSM. It could load the encrypted contents from a LUKS filesystem on the SD card. This would then be unpacked into memory and run from there.


And where would it get the key from to read those encrypted contents? afaict there is no user-accessible nonvolatile storage on the Pi. Even if there was someone could just swap out the SD card and replace it with one that read out the key rather than using the key to decrypt the SD card.

zardoz99
Posts: 175
Joined: Fri Jan 13, 2012 2:25 pm
Location: Somewhere in Canada.

Re: Raspberry Pi as an HSM?

Mon Apr 02, 2012 12:10 am

How about off a Yubikey. That would hold the initial LUKS passcode...

Return to “Other projects”