Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for...
Transcript of Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for...
![Page 2: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/2.jpg)
Problem description
● To satisfy security needs, DNS operators use Hardware Security Modules.
● Specialized hardware that have special security properties.o http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf
![Page 3: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/3.jpg)
Problem description
● HSM are expensive.o $50 - $50000o FIPS 140-2 level 1 to level 4.o High security level implies high price.
● Small institutions want to deploy DNSSEC but they can not buy them.
![Page 4: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/4.jpg)
Problem description
● What if ...– we could achieve a good security level without
paying that much?
– we use old and not in use hardware, and we achieve a good security level not paying at all...
![Page 6: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/6.jpg)
Solution description
● Threshold Cryptography
N1N2
N3 N4N5
SD
![Page 7: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/7.jpg)
Solution description
● Threshold Cryptography
N1N2
N3 N4N5
SD
![Page 8: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/8.jpg)
Solution description
● Threshold Cryptography
![Page 9: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/9.jpg)
Solution description
● Threshold Cryptography:– Secure
– Fault tolerant
– Robust
![Page 10: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/10.jpg)
Solution description
● HSM basic architecture
![Page 11: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/11.jpg)
Solution description
● TCHSM Architecture
![Page 12: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/12.jpg)
Solution descriptionOpenDNSSEC Architecture
![Page 13: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/13.jpg)
Solution descriptionOpenDNSSEC Architecture
TCHSM
![Page 14: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/14.jpg)
Solution description
![Page 15: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/15.jpg)
Experiments and results
2 Configuration● Typical desktop computer● Intel dual-core processors at 2.8 GHz● 4 MB of memory cache and 1 GB of
RAM ● (one of them used as DNS server with
OpenDNSSEC)
● Raspberry PI● Broadcom BCM2835 ARM unicore at
700 MHz, 128 KB of memory cache ● 512 MB RAM
Gigabit LAN with latency lower than 1 second, 8 machines of the same type connected.
![Page 16: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/16.jpg)
Our Raspberry PI Cluster!
![Page 17: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/17.jpg)
Experiments and results
Experiment● 8 nodes try to sign the zone registry.● The signature dealer waits until the first 5 not compromised
nodes sign the zone registry.● Measuring the average time of the generation of 1000 RRSIG
signatures.● Also measuring the average time of the generation of 1000
RRSIG signatures using the SoftHSM solution made by OpenDNSSEC's developers.
![Page 18: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/18.jpg)
Experiments and results
Results
Key Size 1024 bits 2048 bits Project Cost
SoftHSM TCHSM SoftHSM TCHSM
Desktop PC 5 ms 69 ms 14 ms 283 ms $0†
Raspberry PI 21 ms 382 ms 81 ms 1408 ms $35 x 8 = $280
† We use old computers that were not in use :)
![Page 19: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/19.jpg)
Implementation problems
● Managed systems memory zeroization.
![Page 20: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/20.jpg)
Future Work
● Implementation diversity.● Full distributed threshold RSA.● GPU Usage.● Replication / Migration.
![Page 21: Low-Cost Threshold Cryptography HSM for OpenDNSSEC · Low-Cost Threshold Cryptography HSM for OpenDNSSEC Francisco Cifuentes francisco@niclabs.cl. Problem description To satisfy security](https://reader030.fdocuments.net/reader030/viewer/2022040512/5e5f7416f1b54d008c566521/html5/thumbnails/21.jpg)
Distributed HSM
Francisco Cifuentes - [email protected]
Links:● www.niclabs.cl● github.com/niclabs/tscrypto