[Opendnssec-user] HSM size

Paul Wouters paul at nohats.ca
Sat Dec 22 22:10:00 UTC 2012


On Sat, 22 Dec 2012, Jakob Schlyter wrote:

>> could someone please explain the threat model and the circumstances
>> which warrant an hsm?
>
> It usually boils down to that you know if your keys are compromised or not; either you have the HSM or you don't (given that the keys cannot be extracted in a controlled way). In a lot of environments, this property alone warrants an HSM.

However, I haven't heard from HSM vendors if they are not vulnerable to
the various padding oracle attacks, and the HSMs I've looked at do not
support disabling encryption and only allow signing of data. So I'm not
convinced an HSM even brings you this security.....

> There are of course other nice properties, such as speed, but IMHO those are secondary.

For those who want slower speed?

Paul


