Cryptoprocessors
A hardware cryptoprocessor addresses the drawbacks of software-based key generation and storage.
- has a smaller attack surface than a general-purpose computer
  - because it is dedicated to a single function
- can perform decryption and signing on behalf of apps
  - key material never leaves the cryptoprocessor
Drawbacks of Storing Key in File System of Computer
- A cryptographic key needs to be generated using a random process
  - a key generation system with a high degree of disorder—or entropy—ensures that any value from the possible keyspace has the same chance of being selected as any other
  - entropy is a measure of disorder
  - high entropy better resists brute-force attacks
- Computer hardware and software have extremely low entropy
  - computers process instructions in an entirely deterministic way
  - a computer can use pseudorandom number generator (PRNG) software
    - a process by which an algorithm produces numbers that approximate randomness without being truly random
    - still deterministic, but able to approximate a high level of disorder
    - e.g., GPG uses mouse and keyboard input as an entropy source during key generation
  - better security is obtained from true random number generator (TRNG) hardware
    - uses a source of entropy, such as noise or air movement, as a nondeterministic seed for generating the key value
- A key stored in the file system is only as secure as any other file
  - could easily be compromised via the user's credentials or physical theft of the device
  - difficult to ensure that key access is fully audited
- Ideally, cryptographic storage is tamper evident
  - it is known immediately when a private or secret key has been compromised
  - the key can be revoked and any ciphertexts re-encrypted with a new key
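As an added illustration (not part of the original notes) of the PRNG-versus-TRNG point above: a deterministic PRNG fed from a low-entropy seed, such as a timestamp, can only ever produce as many distinct keys as there are seed values, however long the key is, whereas the OS CSPRNG behind `secrets` is reseeded from hardware entropy. The 12-bit seed space is a constructed example.

```python
import math
import random
import secrets

KEY_BITS = 128  # length of the generated key in bits


def prng_key(seed: int) -> bytes:
    """Derive a key from a software PRNG (Mersenne Twister, not a CSPRNG).

    The output is a pure function of the seed: the same seed always yields
    the same key, which is the determinism the notes describe.
    """
    rng = random.Random(seed)
    return rng.getrandbits(KEY_BITS).to_bytes(KEY_BITS // 8, "big")


def distinct_keys(seed_space: int) -> int:
    """Count how many different keys the PRNG can produce when its seed
    is drawn from only `seed_space` possible values."""
    return len({prng_key(seed) for seed in range(seed_space)})


def effective_entropy_bits(seed_space: int) -> float:
    """Upper bound on key entropy: min(key length, log2(seed space)).
    A 128-bit key derived from 4096 possible seeds has at most 12 bits."""
    return min(float(KEY_BITS), math.log2(seed_space))


def os_csprng_key() -> bytes:
    """Key from the OS CSPRNG, which is seeded from hardware/TRNG entropy
    sources; successive calls are not reproducible from any small seed."""
    return secrets.token_bytes(KEY_BITS // 8)


if __name__ == "__main__":
    seeds = 2 ** 12  # constructed: pretend the seed is a 12-bit counter
    print("same seed, same key:", prng_key(42) == prng_key(42))
    print(f"{KEY_BITS}-bit keys from {seeds} seeds -> {distinct_keys(seeds)} distinct keys")
    print("effective entropy:", effective_entropy_bits(seeds), "bits")
    print("two CSPRNG keys equal:", os_csprng_key() == os_csprng_key())
```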
Uses
- Hardware-based true random number generators (TRNGs)
- Secure generation of keys using the embedded TRNG
- Secure storage of keys that are not externally accessible
- Encryption and digital signing using internally secured keys
- High-speed encryption, offloading the main processor from the computational burden of cryptographic operations
Features
- features that enhance security over standard microprocessors
- Tamper resistance
  - tamper detection with automatic destruction of storage in the event of tampering
  - design that makes it difficult to tamper with the device without leaving traces of physical compromise
    - e.g., anti-tamper stickers
    - e.g., secure enclosures that detect unauthorized attempts to open and automatically destroy key material
  - e.g., chip design features shield layers to prevent eavesdropping on internal signals using ion probes or other microscopic devices
- Hardware-based cryptographic accelerator
  - specialized instructions or logic to increase the performance of standard cryptographic algorithms
- Trusted boot process
  - validates the initial boot firmware and operating system load