Glossary

Authorized Card List

Controls the use of Remote Administration cards. If the serial number of a card does not appear in the Authorized Card List, it is not recognized by the system and cannot be used. The list only applies to Remote Administration cards.

Access Control List (ACL)

An Access Control List is a set of information contained within a key that specifies what operations can be performed with the associated key object and what authorization is required to perform each of those operations.

Administrator Card Set (ACS)

Part of the Security World architecture, an Administrator Card Set (ACS) is a set of smart cards used to control access to Security World configuration, as well as recovery and replacement operations.

The Administrator Cards contain shares of the logical tokens that protect the Security World keys, including KNSO, the key-recovery key, and the recovery authorization keys. Each card contains one share from each token. The ACS is created using the well-known module key so that it can be loaded onto any nShield module.

Advanced Encryption Standard (AES)

The Advanced Encryption Standard (AES) is a block cipher adopted as an encryption standard by the US government and officially documented as US FIPS PUB 197 (FIPS 197). Originally only used for non-classified data, AES was also approved for use with classified data in June 2003. Like its predecessor, the Data Encryption Standard (DES), AES has been analyzed extensively and is now widely used around the world.

Although AES is often referred to as Rijndael (the cipher having been submitted to the AES selection process under that name by its developers, Joan Daemen and Vincent Rijmen), these are not precisely the same cipher. Technically, Rijndael supports a larger range of block and key sizes (at any multiple of 32 bits, to a minimum of 128 bits and a maximum of 256 bits); AES has a fixed block size of 128 bits and only supports key sizes of 128, 192, or 256 bits.

Audit logging

Audit logging, also known as syslog-sign, adds a number of control messages to the log entries that are to be audited:

  • Logs generated and signed on HSM

  • Tamper detection

  • Deletion Detection

  • Optional key usage logging

  • Public key verification of audit logs

  • Compatibility with syslog and SIEM.

Bootloader

The bootloader is the program that boots the HSM and loads the main application. nShield Solo and nShield Connect integrate the bootloader into the main firmware. nShield Solo XC and nShield 5s have discrete bootloader programs.

CAST

CAST is a symmetric encryption algorithm with a 64-bit block size and a key size of between 40 and 128 bits (in 8-bit increments only).

client identifier: RSC

This notation represents an arbitrary number used to identify a client. In the nCore API, all client identifiers are 20 bytes long.

Data Encryption Standard (DES)

The Data Encryption Standard (DES) is a symmetric cipher approved by NIST for use with US Government messages that are Secure but not Classified. The implementation of DES used in the module has been validated by NIST. DES uses a 64-bit block and a 56-bit key. DES keys are padded to 64 bits with 8 parity bits.

Diffie-Hellman

The Diffie-Hellman algorithm was the first commercially published public key algorithm. The Diffie-Hellman algorithm can only be used for key exchange.

Digital Signature Algorithm (DSA)

Also known as the Digital Signature Standard (DSS), the Digital Signature Algorithm (DSA) is a digital signature mechanism approved by NIST for use with US Government messages that are Secure but not Classified. The implementation of the DSA used by nShield modules has been validated by NIST as complying with FIPS 186.

Digital Signature Standard (DSS)

See Digital Signature Algorithm

Dynamic Slot

Virtual card slots that can be associated with a card reader connected to a remote computer. Remote Administration Slots are in addition to the local slot of an HSM and any soft card slot that may be available. HSMs have to be configured to support between zero (default) and 16 Remote Administration Slots.

ECDH

A variant of the Diffie-Hellman anonymous key agreement protocol which uses elliptic curve cryptography.

See also Diffie-Hellman

ECDSA

Elliptic Curve DSA: a variant of the Digital Signature Algorithm (DSA) which uses elliptic curve cryptography.

ECIES

Elliptic Curve Integrated Encryption Scheme; a variant of the Integrated Encryption Scheme (sometimes known as Augmented Encryption Scheme) which uses elliptic curve cryptography. It is a hybrid encryption scheme providing semantic security against chosen-plaintext and chosen-ciphertext attacks.

Security World software supports ECIES key wrap and unwrap only.

EdDSA

Edwards-curve DSA; a Digital Signature Algorithm (DSA) which uses a variant of Schnorr Signature based on Twisted Edwards curves.

nShield software supports the Edwards 25519 curve and its prehash variant, Ed25519ph. The context variant, Ed25519ctx, is not supported. Keys generated using the Ed25519 algorithm can be used for both Ed25519 and Ed25519ph signature operations.

encryption: {A}B

This notation indicates the result of A encrypted with key B.

Federal Information Processing Standards (FIPS)

The Federal Information Processing Standards (FIPS) were developed by the United States federal government for use by non-military government agencies and government contractors. FIPS 140 is a series of publications intended to coordinate the requirements and standards for cryptographic security modules, including both their hardware and software components.

All Security Worlds are compliant with FIPS 140-2. By default, Security Worlds are created to comply with FIPS 140-2 at level 2, but those customers who have a regulatory requirement for compliance with FIPS 140-2 at level 3 can also choose to create a Security World that meets those requirements.

For more details about FIPS 140-2, see http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf.

Hardserver

The hardserver software controls communication between applications and nShield modules, which may be installed locally or remotely. It runs as a service on the host computer. The behavior of the hardserver is controlled by the settings in the hardserver configuration file.

The hardserver software controls communication between the internal hardware security module and applications on the network. The module hardserver is configured using the front panel on the module or by means of uploaded configuration data. Configuration data is stored on the module and in files in a specially configured file system on each client computer.

hardware security module (HSM)

A hardware security module (commonly referred to as an HSM) is a hardware device used to hold cryptographic keys and software securely.

Hash: H(X)

This notation indicates a fixed length result that can be obtained from a variable length input and that can be used to identify the input without revealing any other information about it. The nShield module uses the Secure Hash Algorithm (SHA-1) for its internal security.

Identifier hash: HID(X)

An identifier hash is a hash that uniquely identifies a given object (for example, a key) without revealing the data within that object. The module calculates the identity hash of an object by hashing together the object type and the key material. The identity hash has the following properties:

  • HID is not modified by any operations on the key (for example, altering the ACL, the application data field, or other modes and flags)

  • HID is the same for both public and private halves of a key pair.

Unique data is added to the hash so that a HID is most unlikely to be the same as any other hash value that might be derived from the key material.

Key blob

A key blob is a key object with its ACL and application data encrypted by a module key, a logical token, or a recovery key. Key blobs are used for the long-term storage of keys. Blobs are cryptographically secure; they can be stored on the host computer’s hard disk and are only readable by units that have access to the same module key.

Key object: KA

This is a key object to be kept securely by the module. A key object may be a private key, a public counterpart to a private key, a key for a symmetric cipher (MAC or some other symmetric algorithm), or an arbitrary block of data. Applications can use this last type to allow the module to protect any other data items in the same way that it protects cryptographic keys. Each key object is stored with an ACL and a 20-byte data block that the application can use to hold any relevant information.

KeyID: IDKA

When a key object KA is loaded within the module’s RAM, it is given a short identifier or handle that is notated as IDKA. This is a transient identifier, not to be confused with the key hash HID(KA).

Logical token: KT

A logical token is a key used to protect key blobs. A logical token is generated on the nShield module and never revealed, except as shares.

MAC: MACKC

This notation indicates a MAC (Message Authentication Code) created using key KC.

Main Processor

The Solo-XC and nShield 5s HSMs are multi-processor systems. All code interfaced directly by the end-user is executed on the main processor. The main processor is sometimes abbreviated to MP when it appears in diagnostic messages and logs.

Module

See Hardware Security Module

Module key: KM

A module key is a cryptographic key generated by each nShield module at the time of initialization and stored within the module. It is used to wrap key blobs and key shares for tokens. Module keys can be shared across several modules to create a larger Security World.

All modules include two module keys:

  • module key zero KM0, a module key generated when the module is initialized and never revealed outside the module.

  • null, or well-known module key KMWK.

You can program extra module keys into a module.

Module signing key: KML

The module signing key is the module’s public key. It is used to issue certificates signed by the module. Each module generates its own unique KML and KML-1 values when it is initialized. The private half of this key pair, KML-1, is never revealed outside the module.

Multi-tenant

Multi-tenancy is the ability for a single physical HSM to act as a number of virtual HSMs and thus provide services to a number of different users or tenants. The different tenants are separated cryptographically to ensure that their data cannot be accessed by any other tenant. The nShield 5s HSM has been prepared so that it will be able to provide multi-tenant services in future.

nShield master feature enable key KSA

Certain features of the module firmware are available as options. These features must be purchased separately from Entrust. To use a feature on a specific module, you require a certificate from Entrust signed by KSA. These certificates include the electronic serial number for the module.

nShield Remote Administration Card

Smart cards that are capable of negotiating cryptographically secure connections with an HSM, using warrants as the root of trust. nShield Remote Administration Cards can also be used in the local slot of an HSM if required. You must use nShield Remote Administration Cards with Remote Administration.

nShield Security Officer’s key: KNSO-1

The notation KNSO-1 indicates the Security Officer’s signing key. This key is usually a key to a public-key signature algorithm.

nShield Trusted Verification Device

A smart card reader that allows the card holder to securely confirm the Electronic Serial Number (ESN) of the HSM to which they want to connect, using the display of the device. Entrust supplies and recommends the nShield Trusted Verification Device for use with Remote Administration.

Null module key: KMWK

The null module key is used to create Logical Tokens that can be loaded onto any Module (e.g. used when initializing a Security World). The null module key is a symmetric key with a well-known hash and value. As its value is well known, the null module key cannot be used to protect the integrity or confidentiality of any data. It is not possible to create key blobs protected by the null module key. It is possible to create a Logical Token protected by the null module key, but any key (protected by this Logical Token) must have the ACL entry AllowNullKMToken set.

Operator Card Set (OCS)

Part of the Security World architecture, an Operator Card Set (OCS) is a set of smart cards containing shares of the logical tokens that are used to control access to application keys within a Security World. OCSs are protected using the Security World key, and therefore they cannot be used outside the Security World.

Recovery key: KRA

The recovery key is the public key of the key recovery agent.

Remote access solution

The remote access solution, such as SSH or a remote desktop application, that your organization uses as standard. It enables you to carry out Security World administrative tasks from a different location to that of an nShield HSM.

For example, the remote access solution is used to run Security World utilities remotely and to enter passphrases.

Entrust does not provide this software.

Remote Administration

An optional Security World feature that enables Remote Administration card holders to present their cards to an HSM located elsewhere. For example, the card holder may be in an office, while the HSM is in a data center. Remote Administration supports the ACS, as well as persistent and non-persistent OCS cards, and allows all smart card operations to be carried out, apart from loading feature certificates.

nShield Remote Administration Client

A GUI or command-line interface that enables you to select an HSM located elsewhere from a list provided by the Remote Administration Service, and associate a card reader attached to your computer with the HSM. Resides on your local Windows, Mac, or Linux-based computer.

Remote Administration Service

Enables secure communications between an nShield Remote Administration Card and the hardserver that is connected to the appropriate HSM. Listens for incoming connection requests from nShield Remote Administration Clients. Supplies a list of available HSMs to the nShield Remote Administration Client and maintains an association between the relevant card reader and the HSM.

Rijndael

See Advanced Encryption Standard

Salt: X

The random value, or salt, is used in some commands to discourage brute force searching for keys.

Security processor

The nShield Solo XC and nShield 5s HSMs are multi-processor systems. The security processor monitors the HSM to ensure secure operation at all times. If the security processor detects an insecure situation, it places the HSM in an error state in which cryptographic operations are prohibited. The security processor is sometimes abbreviated to SP when it appears in diagnostic messages and logs.

See also Main Processor

Security World

The Security World technology provides an infrastructure for secure lifecycle management of keys. A Security World consists of at least one HSM, some cryptographic key and certificate data encrypted by a Security World key and stored on at least one host computer, a set of Administrator Cards used to control access to Security World configuration, recovery and replacement operations, and optionally one or more sets of Operator Cards used to control access to application keys.

Security World key: KMSW

The Security World key is the module key that is present on all modules in a Security World. Each Security World has a unique Security World key. This key is generated randomly when the Security World is created, and it is stored as a key blob protected by the ACS.

Share: KTi

The notation KTi indicates a share of a logical token. Shares can be stored on smart cards or software tokens. Each share is encrypted under a separate share key.

Share key: KSi

A share key is a key used to protect an individual share in a token. Share keys are created from a Security World key, a passphrase, and a salt value.

Standard nShield Cards

Smart cards used in the local slot of an HSM. Standard nShield cards are not supported for use with Remote Administration.

Tamper Resistance

Hardening a device so that tamper attempts are more difficult (require specialized tools and take more time, e.g. potting and using hardened containers).

Tamper Evidence

Using materials or mechanisms that will indicate, under visual inspection, that a tamper has occurred (e.g. tamper-evident labels).

Tamper Detection

Mechanisms that indicate when a potential tamper is occurring (e.g. temperature sensors that indicate when the temperature of the device’s environment has exceeded a preset threshold).

Tamper Response

An automatic reaction to a tamper being detected (e.g. purge of the sensitive data).

Triple DES

Triple DES is a highly secure variant of the Data Encryption Standard (DES) algorithm in which the message is encrypted three times.