cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Contributor I

HSM Testing and Defect Discovery

At this years Black Hat USA we'll see a presentation from a couple of researchers that discovered remote unauthenticated attacks giving full control of a Hardware Security Module (HSM) and complete access to keys and secrets stored on it. That's pretty serious stuff! Cryptosense validated the vulnerability here.

 

Researchers used the SDK provided with the HSM to upload a custom firmware module to the unit. This gave them access to a shell inside the HSM that they could use to run a debugger and analyze the inner workings of the unit. From there, they ran a fuzzer to send random queries to the HSMs PKCS #11 API looking for parameters that would throw the HSM into an unstable state. The tests uncovered several buffer overflow error bugs that they could trigger by sending the HSM certain commands.

1 Solution

Accepted Solutions
Contributor I

Re: HSM (insecurity)

You nailed it @RobertM with that link. The specific issue is with Gemalto ProtectServer HSMs running firmware versions from 3.20.00 to 3.20.10 and ProtectServer-2 HSMs running firmware between 5.00.02 and 5.03.00. 

4 Replies
Contributor I

Re: HSM (insecurity)

This is all good and well, but the topic should be changed to:

 

"HSM (insecurity) flaw in unnamed HSM hardware"

 

People might speed read and think every HSM has or might have the same flaw.

Newcomer II

Re: HSM (insecurity)

It's probably the Gemalto Ledger Vault HSM. Not the Safenet Line of products:

https://safenet.gemalto.com/technical-support/security-updates/

Contributor I

Re: HSM (insecurity)

You nailed it @RobertM with that link. The specific issue is with Gemalto ProtectServer HSMs running firmware versions from 3.20.00 to 3.20.10 and ProtectServer-2 HSMs running firmware between 5.00.02 and 5.03.00. 

Contributor I

Re: HSM (insecurity)


@MikeGlassman wrote:

 

People might speed read and think every HSM has or might have the same flaw.


You're right the sky is not falling and the design "flaw" is not systemic. We can still have faith in HSMs.