With increasingly tough security and privacy regulations, the use of cryptography is exploding in the modern enterprise. Hardware security modules (HSMs) provide the highest standard of security and compliance, but they are difficult to use and often deployed in silos, complicating compliance and hindering crypto-agility. As competitive pressures intensify, how can cryptography be turned into an enabler of business agility and digital transformation?
This article looks at the concept of adding a “Crypto Abstraction Layer” between crypto applications and HSMs to help simplify and accelerate the development of cryptographic applications, with the additional benefit of enhancing security, efficiency, compliance and crypto-agility.
Why Use HSMs?
HSMs are widely used to provide cryptographic services to business applications because of the unique security properties they offer. Specifically, HSMs provide a trusted platform with the ability to generate strong cryptographic keys and efficiently perform cryptographic operations using those keys within a robust security perimeter. They are typically certified against widely-recognized standards such as FIPS 140-2 and Common Criteria, which objectively quantify the level of security they provide.
The HSM architectural security model is well-proven and effective at defending against a wide range of logical and physical attacks. Once a luxury, HSMs are almost a necessity today due to the increasing dependence of business applications on cryptography and the ever-growing threats against server-based solutions that store keys locally and perform cryptographic operations in software. Large deployments of HSMs can be found within financial organizations and anywhere that high-value data or transactions need to be protected to the highest security and/or regulatory standards.
The Challenges of Using HSMs
However, HSMs are complex to use from the standpoint of an application developer. This is because the standard APIs, such as PKCS#11 and CNG, are designed by and for crypto experts and operate at a very low level. This gives rise to the following problems:
- The risk of inadvertent errors. For any particular application, the developer needs to decide which algorithm and key length to use and, for certain operations, specify obscure parameters such as encryption mode, initialization vector and padding type. Unless everything is done correctly, the result (whilst still possibly functional) could be vulnerable to known cryptographic attacks.
- Long project timescales. For development teams unfamiliar with cryptography and the standard APIs, the learning curve is very long; even for more experienced developers, the code will need to be carefully peer-reviewed and testing will need to be extensive. Multiple iterations may be required.
- Lack of crypto-agility. By hard-coding all the crypto parameters into the application, should any of them need to be changed in the future, the code will need to be modified, re-reviewed, re-compiled, re-tested and re-deployed. This may sound unlikely, but history has taught us that all cryptographic algorithms have a finite lifetime, be it MD5, SHA-1, DES, 3DES or whatever, and the minimum safe key length for many algorithms (e.g. RSA) increases steadily over time. We cannot always expect to get plenty of warning, as cryptanalysis tends to advance in sudden jumps. Moreover, with quantum computing on the horizon, the long-term security of public-key algorithms such as RSA and ECDSA is already in doubt.
- Key management. It is commonly said that “Cryptography is easy, key management is hard”. Any application using cryptography needs cryptographic keys, so the application is typically responsible for directing the HSM to generate and use these keys correctly. This includes defining the meta-data associated with the keys, such as PKCS#11 attributes, crypto-period and so forth. Best practice generally requires strict governance processes around key generation, key backup, etc. This requires developers to understand these issues and to interact with the HSM operations and security teams.
Introducing a Crypto Abstraction Layer
To solve all these problems, we need to introduce the concept of a “Crypto Abstraction Layer” between the application and the HSM.
The function of this middleware is to provide the application developer with a high-level API that is trivial to understand and use correctly, removing all the complexity of the standard low-level APIs. This virtually eliminates the risk of inadvertent errors, while speeding up application development and deployment. It also enables the creation of meta-functions that combine multiple low-level HSM operations into a single high-level API operation, making life even easier for the developer.
Of course, if the complexity is removed from the API, then it must go somewhere. The answer is that “crypto policy” is defined within the Crypto Abstraction Layer – this describes all the important crypto parameters for the application, and it can be maintained and controlled by crypto experts / security team (rather than the application developer).
Furthermore, crypto-agility is achieved by simply modifying this policy definition, rather than modifying the application itself – a much quicker and lower-risk task (read more on crypto-agility).
In addition, the Crypto Abstraction Layer may be integrated with a centralized Key Management System to ensure that all keys are managed in accordance with appropriate policies, standards and regulations.
Finally, the Crypto Abstraction Layer can be shared between multiple applications, enabling them to utilize a common pool of HSMs and a centralized crypto policy. This has the multiple benefits of increasing efficiency, improving manageability and resilience, and simplifying scalability and compliance audits.
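The split between a high-level API and a centrally owned crypto policy can be sketched as follows. This is an added example, not code from the article or from any product: `CryptoLayer`, `SoftKeyStore`, `POLICY`, the key labels and the `payments` application are hypothetical, the key store is an in-memory stand-in for an HSM pool, and message authentication (HMAC) is used as the single operation.

```python
import hashlib
import hmac
import secrets

class SoftKeyStore:
    """In-memory stand-in for the HSM pool: keys stay inside, only results leave."""
    def __init__(self):
        self._keys = {}

    def mac(self, label, digest, data):
        key = self._keys.setdefault(label, secrets.token_bytes(32))
        return hmac.new(key, data, digest).digest()

class CryptoLayer:
    """High-level API; every crypto parameter is read from the policy table."""
    def __init__(self, backend, policy):
        self.backend = backend
        self.policy = policy

    def tag(self, app, data):
        entry = self.policy[app]
        version = entry["current"]
        params = entry["versions"][version]
        mac = self.backend.mac(params["key"], params["digest"], data)
        # Carry the policy version so older tags still verify after a change.
        return f"{version}:{mac.hex()}"

    def verify(self, app, data, token):
        version, _, mac_hex = token.partition(":")
        params = self.policy[app]["versions"].get(version)
        if params is None or params.get("retired"):
            return False  # unknown or withdrawn policy version
        expected = self.backend.mac(params["key"], params["digest"], data)
        return hmac.compare_digest(expected.hex().encode(), mac_hex.encode())

# Constructed policy, maintained by the security team rather than the developer.
POLICY = {"payments": {"current": "v1", "versions": {
    "v1": {"key": "payments-mac-a", "digest": "sha256"},
    "v2": {"key": "payments-mac-b", "digest": "sha3_256"},
}}}

layer = CryptoLayer(SoftKeyStore(), POLICY)

def application_code(message):
    # The application names no algorithm, key length or key label.
    return layer.tag("payments", message)
```

Setting `POLICY["payments"]["current"]` to `"v2"` moves new tags to the second algorithm and key without touching `application_code`, and marking `v1` as retired makes the layer reject tags produced under the old parameters.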
Conclusions
Organizations using HSMs should consider utilizing a Crypto Abstraction Layer between their applications and their HSMs to:
- Improve security posture
- Reduce application delivery timescales
- Introduce crypto-agility
- Simplify key management compliance
- Reduce capital and operating costs
- Minimize the number of crypto experts required
In a world where digital transformation is essential to remain competitive in the market, a Crypto Abstraction Layer is a valuable tool to reduce costs and increase business agility, while also delivering significant security and compliance benefits.