Multiparty Computation at the Forefront of RSA

We've taken the past couple of weeks to reflect on RSA and consider the many things we learned. In addition to receiving socks, t-shirts, pens and iPads, attendees were genuinely interested to learn about the many new products and technologies exhibited at the show. For all show hours, we answered questions and discussed our solution with the many passersby. The highlight of RSA was the sessions by experts, where attendees heard industry leaders discuss the highest level of technological advancement, insight and scholarship in the industry. We were proud that Prof. Nigel Smart, co-founder at Unbound, presented on behalf of KU Leuven in Belgium and demonstrated once again the high-level mathematics on which Unbound's technology is based.

Prof. Smart's presentation: Key Management and Protection: Evaluation of Hardware, Tokens, TEEs and MPC

Prof. Smart began his presentation by discussing the necessity of securing the keys that protect applications. If you don't protect the key, your application is no longer secure, and so mechanisms are created to try to protect the key. But we end up with a cat-and-mouse game where we jump through hoops trying to protect the thing which protects the thing which protects the key. And that still isn't enough.

#1: Securing Cryptographic Keys in Dedicated Hardware

Traditionally, keys were secured with dedicated hardware such as HSMs, smart cards and key fobs, all of which offer strong physical protection for this specific purpose. There are various ways to certify that this hardware is good: FIPS levels 1, 2, 3; Common Criteria; etc. Hardware, says Prof. Smart, comes with significant challenges:

- They are subject to side-channel attacks.
- Hardware lacks agility. There are things we can't anticipate, for example in post-quantum computing.
- Different HSMs support different modes, so sometimes security protocols have to go to the lowest common denominator, minimizing their effectiveness.