-
Notifications
You must be signed in to change notification settings - Fork 336
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[create-pull-request] automated change (#2296)
Co-authored-by: cuihtlauac <[email protected]>
- Loading branch information
1 parent
5b87c91
commit 5b8ef84
Showing
1 changed file
with
37 additions
and
0 deletions.
There are no files selected for viewing
37 changes: 37 additions & 0 deletions
37
...arides/nethsm-bringing-open-source-to-the-world-of-hardware-security-modules.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,37 @@ | ||
| --- | ||
| title: 'NetHSM: Bringing Open Source to the World of Hardware Security Modules' | ||
| description: "Nitrokey is one of the world\u2019s foremost open-source hardware security | ||
| companies. They develop IT security hardware for data encryption\u2026" | ||
| url: https://tarides.com/blog/2024-03-27-nethsm-bringing-open-source-to-the-world-of-hardware-security-modules | ||
| date: 2024-03-27T00:00:00-00:00 | ||
| preview_image: https://tarides.com/static/fe35f4267aa09a10742e1980f6661012/6b019/purple-cybersecurity.jpg | ||
| featured: | ||
| authors: | ||
| - Tarides | ||
| source: | ||
| --- | ||
|
|
||
| <p><a href="https://www.nitrokey.com/">Nitrokey</a> is one of the world’s foremost open-source hardware security companies. They develop IT security hardware for data encryption, decryption, and signing, including key and user authentication. After eight years of development, they recently released the first fully open-source Hardware Security Module (HSM): an easy-to-use, highly-secure, and customisable security solution.</p> | ||
| <p>Tarides is proud to have played a part in the development of Nitrokey’s HSM solution <a href="https://www.nitrokey.com/products/nethsm">NetHSM</a>, helping to get the project over the finish line after its initial implementation by <a href="https://robur.coop/">Robur</a> and Nitrokey. We value the benefits of open-source, which for NetHSM include customisability, vendor independence, and backdoor checking. Having an open-source option changes the landscape of hardware security and gives users greater choice and more robust security guarantees.</p> | ||
| <h2 style="position:relative;"><a href="https://tarides.com/feed.xml#why-use-an-hsm" aria-label="why use an hsm permalink" class="anchor before"><svg aria-hidden="true" focusable="false" height="16" version="1.1" viewbox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"></path></svg></a>Why Use an HSM?</h2> | ||
| <p>HSMs are physical devices that are used for managing secrets, such as digital keys and other sensitive data, and for cryptography including decryption and signing. HSMs are used in many industries for use cases where security is paramount, including in banking, engineering, chemistry, blockchain, etc. For example, one way to use an HSM is as part of a Public Key Infrastructure (PKI), where it generates, stores, and manages asymmetric keys to sign messages and verify signatures. When keys are mapped to identities, this infrastructure can be used to control access to sensitive resources or secure internal communications.</p> | ||
| <p>While general-purpose computers are technically capable of performing the same operations as HSMs, using an HSM has its advantages. By separating all security operations from others into a dedicated device, it is much easier to build and audit defences against tampering, and in general audit usage logs for misuse. In some cases, having a physical HSM also opens up the possibility of specialised acceleration hardware for cryptographic operations, enabling the processing of requests in bulk very efficiently compared to general-purpose hardware.</p> | ||
| <h2 style="position:relative;"><a href="https://tarides.com/feed.xml#what-makes-nethsm-stand-out" aria-label="what makes nethsm stand out permalink" class="anchor before"><svg aria-hidden="true" focusable="false" height="16" version="1.1" viewbox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"></path></svg></a>What Makes NetHSM Stand Out?</h2> | ||
| <p>NetHSM comes with more benefits than general-purpose HSMs, combining several additional features into a powerful security solution. Some of these include:</p> | ||
| <ul> | ||
| <li>High Performance and Scalability: One NetHSM alone can handle thousands of cryptographic key operations per second, and due to their statelessness, several NetHSM devices can be clustered together to enable extremely high throughput and availability.</li> | ||
| <li>Memory- and Type-Safe Programming Language: NetHSM is mostly implemented in OCaml, a type- and memory-safe programming language. The main system at all levels – including the TCP/IP, HTTP, TLS, and application stack – is completely written in OCaml from scratch. The implication is that many security vulnerabilities are eliminated, thanks to the <a href="https://tarides.com/blog/2023-12-14-ocaml-memory-safety-and-beyond/">secure-by-design principles of OCaml.</a></li> | ||
| <li>Transparency: NetHSM's source code is available for anyone to read in its <a href="https://github.com/Nitrokey/nethsm">open-source repository</a>. Easy access to the code means that the system's implementation can be independently audited for the absence of back doors and security flaws by users. Even if you're just curious, you can look at the repo and discover how the system and its features are implemented.</li> | ||
| <li>Easy to Use: NetHSM is easily managed via a convenient command-line interface, and client systems can integrate the <a href="https://nethsmdemo.nitrokey.com/api_docs/index.html">REST API</a> using the SDKs available in 35 programming languages or use the <a href="https://www.ibm.com/docs/en/linux-on-systems?topic=introduction-what-is-pkcs-11">PKCS#11</a> module. For a quick, pain-free, start, users can access the free NetHSM service or run it as a container. Due to being open-source all tools, drivers, and documentation are publicly available to users.</li> | ||
| <li>Small Attack Vector: NetHSM is based on <a href="https://mirage.io">MirageOS unikernel</a> technology, that combines operating system and application into a uniquely tailored firmware that contains no unnecessary code. As a result, NetHSM achieves a very small overall system size (around 30 MB) which constitutes a minimal attack vector making it significantly more challenging for bad actors to target.</li> | ||
| </ul> | ||
| <h2 style="position:relative;"><a href="https://tarides.com/feed.xml#mirageos-and-ocaml-make-a-big-difference" aria-label="mirageos and ocaml make a big difference permalink" class="anchor before"><svg aria-hidden="true" focusable="false" height="16" version="1.1" viewbox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"></path></svg></a>MirageOS and OCaml Make a Big Difference</h2> | ||
| <p>Nitrokey chose to develop NetHSM using <a href="https://ocaml.org/">OCaml</a> and <a href="https://mirage.io/">MirageOS</a>. As previously mentioned, OCaml is a type- and memory-safe language with <a href="https://tarides.com/blog/2023-12-14-ocaml-memory-safety-and-beyond/">strong security features</a>. In fact, the language’s design entirely <a href="https://tarides.com/blog/2023-07-05-zero-day-attacks-what-are-they-and-can-a-language-like-ocaml-protect-you/">eliminates the risk of the most common cyber attacks</a>. OCaml’s safety record, combined with its growing open-source community, optimised workflows, tools, and performance is a great choice for a groundbreaking project such as NetHSM.</p> | ||
| <p>In addition, the library operating system MirageOS leverages the strengths of OCaml to construct secure, high-performance unikernels. At its lowest level, NetHSM runs the <a href="https://muen.sk/">Muen</a> separation kernel which securely hosts multiple independent components. Muen is a kernel that has been formally verified (using mathematical guarantees) that it does not contain any runtime errors.</p> | ||
| <p>The core component running within Muen is ‘Keyfender’, a MirageOS unikernel with a critical role. Keyfender provides the HTTP endpoints to the NetHSM API, and performs requests made to that endpoint. All cryptographic operations are performed in this unikernel and it is the only component with decrypted access to key stores. Consequently, the security of this component is of paramount importance, which is why Nitrokey chose to use MirageOS and OCaml. Furthermore, the code performing the cryptographic operations themselves, particularly elliptic curves operations, is derived from the <a href="https://github.com/mit-plv/fiat-crypto">fiat-crypto</a> project, which generates cryptographic primitives that are formally proved for functional correctness.</p> | ||
| <h3 style="position:relative;"><a href="https://tarides.com/feed.xml#how-we-helped" aria-label="how we helped permalink" class="anchor before"><svg aria-hidden="true" focusable="false" height="16" version="1.1" viewbox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"></path></svg></a>How We Helped</h3> | ||
| <p>Tarides joined the project mid 2022 to help get the project to the finish line. We fixed some remaining issues with networking and endpoint interfaces, and added caching for performance and improvements to the test suite. We also did a lot of general maintenance work, ironing out small issues before release. <a href="https://robur.coop/">Robur</a> did the lion’s share of the initial work designing and building Keyfender. If you would like to discover more, the software is (of course) open-source and can be found on the <a href="https://github.com/Nitrokey/nethsm/">NetHSM GitHub repository</a>.</p> | ||
| <h2 style="position:relative;"><a href="https://tarides.com/feed.xml#until-next-time" aria-label="until next time permalink" class="anchor before"><svg aria-hidden="true" focusable="false" height="16" version="1.1" viewbox="0 0 16 16" width="16"><path fill-rule="evenodd" d="M4 9h1v1H4c-1.5 0-3-1.69-3-3.5S2.55 3 4 3h4c1.45 0 3 1.69 3 3.5 0 1.41-.91 2.72-2 3.25V8.59c.58-.45 1-1.27 1-2.09C10 5.22 8.98 4 8 4H4c-.98 0-2 1.22-2 2.5S3 9 4 9zm9-3h-1v1h1c1 0 2 1.22 2 2.5S13.98 12 13 12H9c-.98 0-2-1.22-2-2.5 0-.83.42-1.64 1-2.09V6.25c-1.09.53-2 1.84-2 3.25C6 11.31 7.55 13 9 13h4c1.45 0 3-1.69 3-3.5S14.5 6 13 6z"></path></svg></a>Until Next Time!</h2> | ||
| <p>Ensuring cybersecurity and protecting sensitive data is crucial for the functioning of several industries in our modern world. Without the guarantees of HSM devices, including secure key management and tamper-resistant storage, users’ personal and sensitive information would be at risk. With NetHSM, information is safeguarded above and beyond what other solutions offer. The open-source solution allows for backdoor checking, and MirageOS, Muen, and OCaml add their own layers of protection.</p> | ||
| <p>Check out <a href="https://www.nitrokey.com/news/2023/after-8-years-development-nethsm-10-available-first-open-source-hardware-security-module">Nitrokey’s blog post</a> to discover more about how you can use NetHSM in your own projects and for your business. At Tarides, we value working with partners who prioritise open-source, secure, and high-quality solutions just like we do and we are proud to bring our expertise to projects like NetHSM.</p> | ||
| <p>You can stay up-to-date with Tarides on <a href="https://twitter.com/tarides_">X</a> (formerly known as Twitter) and <a href="https://www.linkedin.com/company/tarides">LinkedIn</a>, and <a href="https://tarides.com/contact/">contact us</a> on our website for more information or for help with your projects!</p> |