Collaborate Disseminate
As you know Multi party computation (MPC) allows creating signature using private key shards and these key shards do not leave devices where they are stored.
Imagine that currently some HSM device stores private key and signs some data.
Wi… Continue reading Effect of increasing number of HSM devices used for MPC signing
HSM allows you to store data in a secure, cost-efficient manner. Here’s what you need to know about it.
The post An overview of hierarchical storage management appeared first on TechRepublic.
Continue reading An overview of hierarchical storage management
we use the old PL5:220 is heavily overloaded
Is "etnetserver" the master cryptographic process?
hsm is in the cluster but apparently the load balancer is not working correctly,
Our developers claim that LB is fine, the problem is… Continue reading PL5:220 is heavily overloaded [closed]
Extracting private keys directly from the card is nearly impossible. With some acid package destruction and electron microscope work, a skilled team, and enough time, money, and luck you can in theory extract keys but it involves not only… Continue reading How do RSA smartcards prevent key exfiltration?
For some time now, we have been assessing the risks from a GDPR perspective when data (data-at-rest) in the Google Cloud is fully encrypted using native means. This means that we create both the KEK and the DEK completely with Google Cloud… Continue reading Risk scenarios when hosting KEK in Google Cloud KMS HSM backended [closed]
To clarify: The FIPS module Security Policy lists using RSA keys for wrap/unwrap. FIPS is a moving target, and the state of the requirements when the CMVP approved module went through the process was such, that a given key’s "usage&… Continue reading Is it (under FIPS) possible to generate a CSR for an asymmetric key with usage=WRAP?
First asked on StackOverflow and referred to this board, here:
I have an embedded system (Netburner 5441x) that encodes public-private RSA keypairs into devices. I have ported OpenSSL into the system but the embedded processor cannot make … Continue reading What is the right way to transfer public-private keypairs over intranet?
Say I’m trying to develop a CEX, hence I will hold custody of users’ keys. How would I go about doing that and ensuring safety and security?
From what I know, I can generate the users’ keys from a seed phrase and store the path used to gen… Continue reading How do centralized crypto exchanges store seed phrases and users’ private keys?
I received a two-component KEK TDES key and a BDK cryptogram, which is encrypted for this KEK.
Do you have any suggestions on how to load such a key into the HSM device? Eg. Luna HSM
Continue reading Import BDK encrypted under the Transport Key KEK on HSM
Let’s say I have access to a "signing server", similar to an HSM. It has a private key internally that should never leave the server. I can (in a secure way, this shouldn’t matter here) ask the server to sign any data using the p… Continue reading Encrypt using signature as symmetric key