-
Version 3.0 Stable
released this
2022-10-10 06:40:00 +08:00 | 650 commits to master since this releaseThis is a major release.
New tool:
pico-hsm-tool.pyIt initializes the Pico HSM device and manages multiple options:
- First time of usage, the device must be initialized with this tool to upload the signed device certificate, attestated by an external PKI.
- It performs a report to attestate any key of the device, imported or generated inside.
- It sets and gets the datetime for Real Time Clock operations.
- It allows to modify dynamic options, like enable/disable press-to-confirm button or internal key usage counter for every key.
Internal security refactoring
Previously, the device used the PIN to encrypt safely the stored private and secret keys. However, with the addition of PKA, which does not use PIN, the internal keys were vulnerable, as they were not encrypted with a random passphrase. To solve it, a new method is added.
When the device is initialized withpico-hsm-tool, a unique device certificate is uploaded based on an internal device key (key id 0). This initial key is used to attestate the rest of the keys generated by the user and all of them are encrypted safely with a PIN provided during the initialization.
After this first initialization, the device can also be reinitialized to enable other advanced features, such as PKA.XKEK
XKEK is a new way to exchange secret and private keys between two Pico HSM devices, in a more sophisticated and secure way. Previously, with DKEK, the keys were exported and encrypted with a secret, shared between all the participations. However, it may break the security is the secret is compromised.
With XKEK, the Pico HSM creates a secure zone (named key domain), where a certificate from a specific Pico HSM device is imported. Then, all keys generated and exported from/to this domain are tied to these Pico HSM devices. These keys cannot leave the domain without creating another domain. Definitively XKEK adds a more robust and secure way to exchange keys.
MKEK
A Master Key Encryption Key (MKEK) is added to the device. This MKEK is generated the first time is initialized and is encrypted with a PIN. MKEK is used to encrypt all generated keys, keeping them safe from unauthorized memory dumps. Though a Pico HSM is an open hardware platform that can be examined by an attacker and dump its flash memory, all keys are encrypted with the MKEK, which is in turn encrypted with PIN.
Other enhancements:
- Upgraded to Pico SDK 1.4
- Added ECDH algorithms for XKEK
- Added key usage counter to link a usage counter for every generated key. It can be used to audit a particular key.
- Using mbedtls_zeroize to zeroing memory zones.
- Device key uses SECP256R1 key.
- Removed 3DES support as it is considered insecure.
- Added a persistent memory zone, which survives after multiple reinitializations.
- Upgraded to Mbedtls 3.2.1
Bug fixes:
- CVC are self-signed (chr=car) by default.
- Fix DKEK status report on multiple boots.
- Fix DKEK deletion.
- Fix wrap/unwrap keys with specific allowed algorithms.
- Fix VID/PID patcher.
- Fix session with SO-PIN.
- Fix changing SO-PIN.
Downloads