You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
You can have an attester that has HSM security and does no hashing. An example of this is a purpose-built HW that just provides identity.
You can have an attester that does lots of hashing of lots of things and isn’t an HSM in any sense. An example of this is an attester built into an operating system.
In my opinion, it is mandatory for the RATS WG to provide guidance on what AR claims might be legitimately be made about from different categories of Attesters. The objective of ar4si section 2.2.1 is to differentiate categories of Attester. I do accept your point that there are HSMs which don't do hashing. This insight helps improve the document. So I have just added a tracking issue with a suggestion to change the category name to "tpm-pcr-hashing".
If you want to propose additional HSM types which generate non-hash based evidence, that would be helpful. The intention/goal of a category should be to help restrict what AR claims might legitimately be made about an Attester.
When I copied text from the security levels definition, it was all about hardware security, not hashing. I don’t think any sort of hashing in an attesters architecture can stand in for hardware security. (And the security levels text could probably be improved).
(You know what I mean about hardware security right? These are defenses against attacks on the HW. For example, extra electrical circuits that shutdown the chip if the supply voltage is too low to prevent manipulation of the supply voltage to get the hardware to execute incorrectly. There are lots of these.)
Can you point to a definition for Hardware security? While I know in general what it means, but you can't define just the term based on examples. Nor can you define it with by saying "substantial defense". What is needed are one or more sentences which says what is covered and what is not.
Eric
The text was updated successfully, but these errors were encountered:
Hi Laurence,
From: Laurence Lundblade, March 14, 2022 2:18 PM
Hi Eric,
Hashing is one thing and HSM security is another.
You can have an attester that has HSM security and does no hashing. An example of this is a purpose-built HW that just provides identity.
You can have an attester that does lots of hashing of lots of things and isn’t an HSM in any sense. An example of this is an attester built into an operating system.
In my opinion, it is mandatory for the RATS WG to provide guidance on what AR claims might be legitimately be made about from different categories of Attesters. The objective of ar4si section 2.2.1 is to differentiate categories of Attester. I do accept your point that there are HSMs which don't do hashing. This insight helps improve the document. So I have just added a tracking issue with a suggestion to change the category name to "tpm-pcr-hashing".
If you want to propose additional HSM types which generate non-hash based evidence, that would be helpful. The intention/goal of a category should be to help restrict what AR claims might legitimately be made about an Attester.
When I copied text from the security levels definition, it was all about hardware security, not hashing. I don’t think any sort of hashing in an attesters architecture can stand in for hardware security. (And the security levels text could probably be improved).
(You know what I mean about hardware security right? These are defenses against attacks on the HW. For example, extra electrical circuits that shutdown the chip if the supply voltage is too low to prevent manipulation of the supply voltage to get the hardware to execute incorrectly. There are lots of these.)
Can you point to a definition for Hardware security? While I know in general what it means, but you can't define just the term based on examples. Nor can you define it with by saying "substantial defense". What is needed are one or more sentences which says what is covered and what is not.
Eric
The text was updated successfully, but these errors were encountered: