In FIPS 140-2 Part 2:Interfaces and Port in the security policy of product told : 1- "the output data path is provided by the data interfaces and is logically disconnected from processes performing key generation or zeroization. No key information will be output through the data output interface when the module zeroizes keys." What is this meaning? 2- And this "The output data path shall be logically disconnected from the circuitry and processes while performing key generation, manual key entry, or key zeroization."
Asked
Active
Viewed 89 times
2 Answers
2
It's cryptographic marketing spiel to convince end users to pay double.
This is about hardware. All it means is that the cryptographic key(s), typically generated via a true random process, is/are never sent outside of the physical device. The best way to illustrate this is by example: https://www.maximintegrated.com/en/design/partners-and-technology/design-technology/chipdna-puf-technology.html. They say:-
Most importantly, the ChipDNA secure key never resides statically in registers or memory, nor does it ever leave the electrical boundary of the IC.
My above example is a physical unclonable function (PUF) designed for secure authentication. You might have one in a posh printer cartridge or embedded microcontroller.
if one user generates a key another user takes management and control. how devices do this?
That would be the case for a key generator/ true random number generator or quantum key distribution node. But not for authentication. There is no need to give out a private key in authentication use cases. The device seals itself off from the external world to either securely sign unpredictable keys, or completely destroy them with no possibility to recall. That way the signature/destroy processes can't be interfered with.
That simply means new keys (TRNG in the schematics) are obfuscated by some one way function; SHA-3 in this case. And in conjunction with a "SHA3 SECRET", probably a general device key owned by Maxim (and the PUF part). That creates an ersatz keyed hash function. The SHA3 SECRET key(s) is/are not directly accessible by any input/output circuits.
It's unlikely that users will ever know the true details as this is proprietary intellectual property and can't be easily audited. FIPS 140-2 is just the applicable standard to which such devices are made.
Zeroization is what it sounds like. That and the key obfuscation are to prevent key extraction discussed in this question.
Paul Uszak
- 15,905
- 2
- 32
- 83
0
I'm reading this as: Interfaces and ports should not leak information that might be related to the keys being generated, manually entered, or zeroized (erased). Otherwise said: keep secrets secret from observers having hooked these communication paths.
fgrieu
- 149,326
- 13
- 324
- 622