views:

410

answers:

3

Hello

I worked and completed a PKI project which used a HSM for generating - storing keys and performing crypto functions. I used PKCS#11 to interface with our application for sigining/verifying and encryption/decryption. Our platform is windows.

Now we are looking to offer a low cost alternative solution by replacing the the HSM with a software security module. I must note here that i am aware of the drawbacks of not using a HSM. Its a trade off between security Vs Cost.

I found that Microsoft provides the Next Generation CryptoAPI (CNG), key store and certificate services. My senior management are not inclined to use open source software. I also found RSA and cryptomathic offering toolkits to perform software based solutions.

Has anybody come across any commercial software security module tool kits to perform key generation, key store and crypto functions?

Programming language - c/c++

Thanks

Raj

A: 

Your best option should be to find a software PKCS#11 library. There should be several implementations on the market - I know that the company I work for sells one. That way you would still be able to switch back to a PKCS#11-compliant HSM and the necessary modifications to the application should be minimal.

Your other options are CryptoAPI or CNG from Microsoft or a toolkit from RSA, Cryptomathic or another vendor. That would probably require more work to rewrite the application - I can't really see any advantage to this option, except that CryptoAPI and CNG are free.

Rasmus Faber
Are you referring "software PKCS#11 library" as wrappers around PKCS#11 cryptoki library? If this is the case, in what way do you think this is different from the functions which i have written for sigining/encryptition etc Can you please point me to some vendors on "software PKCS#11 library". Do these vendors provide key management functions as well or do i need to rely on the OS and another library for storing/accessing the keys? In what ways para 1 of your answer differ from para2. I am actually very confused here. Apologies, if i sound too ignorant.
Raj
PKCS#11 specifies an API (Cryptoki). You have been programming up against this API and presumably had a DLL that implemented this API with an HSM performing the operations. Several companies (including Cryptomathic, which is my employer) sell "software PKCS#11 libraries". A software PKCS#11 library would be a DLL implementing the PKCS#11 library but mapping the functions to a pure software implementation (and storing the keys in (encrypted) files). Key management can be done through the PKCS#11 API, but you might get a separate tool, too (depending on the vendor).
Rasmus Faber
My second paragraph just relisted the options, you already knew of: other cryptographic APIs.
Rasmus Faber
Looking around I actually can't find any vendors for software PKCS#11 libraries besides Cryptomathic (and that is hidden inside the product brochure for the PrimeInk toolkits...), but I am sure that there must be others.
Rasmus Faber
Are you referring Keymanagement as generation,labelling and retrieving? My doubt here is - i had the HSM to store the keys, will this 3rd party library take care of the key store and its security? I have been searching for a while now, has come across PrimeInk(Thanks Rasmus) and cryptokit from Arx. I am not sure whether there are any other vendors, if you come across please share.
Raj
I can't speak for other implementations, but I know the PrimeInk PKCS#11 library stores the key store encrypted on the hard disk with an AES key derived from the password. That is probably as good as it gets with a software library. If you do not need high throughput, another low-cost option might be a smartcard-reader with a smartcard. Those usually come with PKCS#11-libraries, too.
Rasmus Faber
A: 

You could use SoftHSM, which is a pure-software PKCS #11 implementation. It is being used by the OpenDNSSEC project precisely to be swapped out in cases a real HSM is not available, so it might work for you too. However, it's BSD licensed, so I guess your management may not like it on that basis.

If you are looking for low-cost and yet commmercial (I'm not sure if you're specifically looking for something proprietary, which CryptoAPI is, or for something that is commercially supported, which CryptoAPI is not, unless you have a contract with Microsoft), rewriting your application to use the Win32 CryptoAPI seems the only viable option to me. RSA's toolkits are not cheap, in my experience.

Jack Lloyd
Thanks Jack. You are right. If it is going to be case 2, i am planning to go with CNG as MS is phasingout cryptoAPI. Also Mozilla NSS has this virtual token of PKCS#11 implementation as well.
Raj
A: 

Take a look at http://www.openssl.org/related/kits.html for LSM-PKCS11. That could be a solution.

Clizio Merli