Attacks on computer systems and networks have never been more prolific, hence the great effort from government, industry and academia, to identify and adopt information/cyber security best-practices. Most of this effort has been directed to the logical design and operational security of systems, however the security of implementation is also vitally important, especially for critical and machine-to-machine infrastructures. One approach to underpinning implementation security, is to distribute, certified-secure chips, as hardware security modules (HSM), to provide strongly attack-resistant and trusted endpoints for protocols. A risk with physically deploying fixed function HSMs is that they may need to have a long life-time, yet be unable to support new algorithms and protocols in response to evolving threats and defenses; so a manageable secure platform is attractive. Existing single-chip platforms have specialist hardware security, including crypto coprocessors to help performance, however their general processing is slow, due to the secure platform software defenses, within what are small, low-cost and low-power chips. In this research we explore the idea of multiple HSMs sharing resources on security processing tasks, without compromising that security via inter-HSM communications. The proposal and related performance experiments center around clusters of up to eight HSMs, using a communications protocol, based on Offset Codebook authenticated encryption; sharing resources for processor intensive tasks. A localised cluster of MULTOS Trust-Anchor chips was used for experimentation, although the principles of the proposal extend to clusters that are widely dispersed.
|Number of pages||17|
|Publication status||E-pub ahead of print - 31 Oct 2020|
|Event||Future Technologies Conference 2020 - On-line due to Covid-19, Vancouver, Canada|
Duration: 5 Nov 2020 → 6 Nov 2020
|Conference||Future Technologies Conference 2020|
|Abbreviated title||FTC 2020|
|Period||5/11/20 → 6/11/20|