Cryptographic hardware is used in everything from smartphones to smart TVs. Network hardware cryptographic devices include devices capable of accelerating and decrypting Secure Sockets Layer (SSL), as well as hardware devices that ensure that the information stored in the hardware is protected from external software attacks. This section discusses these technologies.
SSL/TLS Accelerators and Decryptors
SSL, the predecessor to TLS, has become the primary encryption standard for web and email transactions. SSL offloading is the process of shifting the burden of encrypting and decrypting traffic sent via SSL from the web server to another device. This process is very resource-intensive. SSL/TLS acceleration originally was done by using a separate PCI card in a computer that contained one or more application-specific integrated circuit (ASIC) coprocessors. SSL accelerators were then developed as separate network appliances. The SSL accelerator is the intermediary between a user and a server. It accepts SSL connections from the user and sends the connection to the server unencrypted.
Load balancers often handle SSL offloading. The load balancer must use CPU resources to handle SSL functions. This interferes with the other functions the load balancer is required to perform, such as distributing traffic, health checking, and content switching. To mitigate the impact of SSL processing on the load balancer, SSL acceleration/TLS acceleration is used. Load balancers are combined with SSL accelerators. This type of device is commonly referred to as an application delivery controller (ADC).
Many online banking, email, and VoIP communications are secured with SSL/TLS encryption. Even though SSL/TLS encryption helps meet data protection compliance requirements and keeps organizational data secure, encryption can be used to hide malicious activity and malware. Security and performance monitoring tools do not automatically decrypt encrypted sessions and inspect the content. SSL/TLS decryption is used for the following reasons:
Monitoring of application performance
Cloud services monitoring
Decrypting SSL traffic is only part of the equation. After decryption, the data has to be forwarded to the appropriate device for inspection. Analysis of the decrypted content is a joint effort and includes devices such as IDS/IPS, firewalls, secure web gateways, and DLP solutions. The device the packets go to depends on the policies in place. Similar to SSL/TLS acceleration, SSL/TLS decryption can be offloaded. However, unlike SSL acceleration, decryption on a single security appliance doesn’t work so well. Many other network devices might require access to the decrypted traffic. A better solution is to implement an SSL/TLS decryption method in which decrypted traffic can be forwarded to the appropriate device based on policies.
A hardware security module (HSM) can be described as a black-box combination of hardware and software/firmware that is attached to or contained inside a computer that is used to provide cryptographic functions for tamper protection and increased performance. HSMs support payment processing and cardholder authentication applications for PCI DSS compliance under FIPS 140-2.
The basic cryptographic operations are the same for the different types of HSMs, but the administration structure and authorization models can vary. Typically, an HSM is installed inside a server box or within an Ethernet cluster. The HSM is then wrapped by the software that provides access to the cryptographic functionality within the HSM. Traditionally, the banking sector has used HSMs to secure numerous large, bulk transactions. HSM security requirements were derived from existing ISO, ANSI, and federal standards, as well as accepted best practice recognized by the financial industry. HSMs are also found in PKI deployments to secure CA keys, handle SSL acceleration, store domain name system security extension (DNSSEC) keys, and encrypt zone records.
Two types of HSMs exist. Some are PC-based, such as PCI-e cards, and others are network-based. The main advantages of the network-attached HSM types are similar to the advantages of using a NAS. They are essentially platform-independent and can be used simultaneously from several clients. Because HSMs are often part of a mission-critical infrastructure such as a public key infrastructure or online banking application, HSMs can typically be clustered for high availability. Some HSMs feature dual power supplies. Host HSM systems are also hardware cryptographic accelerators by nature because the keys do not leave devices in an unencrypted form. The HSM must perform the common cryptographic operations so that it accelerates the intense math functions, offering better performance than a normal software-based crypto system.
HSM systems can securely back up their keys either in a wrapped form or externally. Keys protected by an HSM are only truly hardware-protected if they were generated inside the hardware itself. If a standard software-protected key is imported into an HSM, a non-hardware-protected copy of the key could still exist on old backups.