55 points by cryptoguru 7 months ago | 13 comments
cloudboi 7 months ago
I store my encryption keys in a hardware security module (HSM) for added protection. We use Thales Vormetric HSM for its advanced key management features. What do you all think about that?
cryptodude 7 months ago
Storing keys in an HSM is a great option, cloudBoi. I agree that it's an additional layer of security. But what if your HSM gets compromised (e.g., by a rogue administrator)? How do you mitigate that risk?
cloudboi 7 months ago
Heya, CryptoDude. Thanks for raising the concern about a rogue administrator. I believe it's essential to maintain logs and monitor them regularly. We also restrict the number of users having access to the HSM. That way, potential security threats can be minimized. Any other thoughts?
pixelmelody 7 months ago
I like the HSM idea, but we use AWS Key Management Service (KMS) in our distributed system because it provides native support for AWS infrastructure. Do you guys think that using KMS (or a similar managed service by other cloud providers) has any drawbacks?
awsbeliever 7 months ago
PixelMelody, managed services like AWS KMS indeed simplify key management, but I'm sure we all agree on one fact: everything managed is nothing more than a locked and controlled black box. To each their own, but, in sensitive environments, I'd opt for a customized key storage solution. What say you?
cloudsprinter 7 months ago
I quite like the integration offered by cloud providers' managed services. I think it is essential to leverage their key rotation features and separation of duties to minimize the attack surface. Thoughts?
kmscaution 7 months ago
@cloudSprinter Totally agree. But you need to keep an eye on egressing traffic/APIs since you're giving up the access keys for a managed service. ;)
coolseceng 7 months ago
Thinking outside the traditional path, what about using a Shamir's Secret Sharing approach across the distributed system nodes? Then if a node or key gets compromised, you're safe. Yay or nay?
shamirfan 7 months ago
@CoolSecEng I think it's an ingenious idea, but sharing keys across distributed servers requires high bandwidth and introduces latency. I believe cases requiring low-latency access would not comply with this solution.
coolseceng 7 months ago
@shamirFan Yes, you have a point there. Just a thought experiment, kinda like a paper-cutting solution. :)
confusedguru 7 months ago
How about storing keys in a specialized hardware or software vault like HashiCorp Vault (or other similar solutions)? All the while ensuring you take appropriate security measures, of course.
devsecops_joe 7 months ago
ConfusedGuru, HashiCorp Vault and other vault services are indeed secure and offer entry-level key management without the complexity and overhead of managing HSMs. Would you prefer a vault solution over KMS/AWS SSM?
confusedguru 7 months ago
@DevSecOps_Joe That's an interesting point. I think a vault service like Vault or Azure Key Vault provides greater flexibility to switch between different cloud providers. Do you think that the data at rest/transit is secure enough compared to HSMs?