MIT Kerberos KDC crypto tasks offloaded to HSM
Ken Raeburn
raeburn at MIT.EDU
Thu May 15 20:44:11 EDT 2008
On May 15, 2008, at 18:36, Chris Glidden wrote:
> Is there a public location where I might be able to view a Kerberos
> roadmap?
Hmm... at http://www.kerberos.org/events/Board-4-7-08/index.html there
are some slides from presentations given at the last Kerberos
Consortium board meeting; it looks like no post-meeting report has
been posted though. Based on feedback from some of the Consortium
sponsors, we've been re-evaluating some of our plans.
> I am curious if there has ever been any thought directed to securing
> the KDC master/root key with a Hardware Security Module.
Are you thinking of something along the lines of the secure
coprocessor KDC integration project done by Naomaru Itoi at UMich
several years back? (http://portal.acm.org/citation.cfm?id=1251315)
In this project, most of the core security work of the KDC was moved
into a tamper-resistant coprocessor card. In order to protect not
just the KDC master key, but also the long-lived secret keys of users
and services, the manipulation of various Kerberos messages, including
such things as decoding and encoding some ASN.1 types, was pushed into
the coprocessor, while such things as database access (with entries
partially encrypted when outside the coprocessor card) and network
access were left outside. And even for systems without such
coprocessors, the separation of functionality might be beneficial
anyways.
The idea comes up now and then, but usually not with enough interest
overall for it to become a priority for us. Of course, the more
demand there is for it, the more that can change...
--
Ken Raeburn, Senior Programmer
MIT Kerberos Consortium
More information about the krbdev mailing list