Vulnerabilities in HSM modules that can lead to an attack on encryption keys

A group of researchers from Ledger, the company that makes hardware wallets for cryptocurrency, has disclosed several vulnerabilities in HSM (Hardware Security Module) devices that can be used to extract keys or to carry out a remote attack that replaces the firmware of the HSM device. The report on the problem is currently available only in French; an English-language talk is planned for August at the Blackhat USA 2019 conference. An HSM is a specialized external device designed to store the public and private keys used to generate digital signatures and to encrypt data.

An HSM significantly improves security because it fully isolates the keys from the system and from applications, exposing only an API for executing the basic cryptographic primitives implemented on the device side. HSMs are typically used in areas that require the highest level of security, such as banks, cryptocurrency exchanges, and certificate authorities, for verifying and generating certificates and digital signatures.

The proposed attack methods allow an unauthenticated user to gain full control over the contents of the HSM, including extracting all cryptographic keys and administrator credentials stored on the device. The problems are caused by a buffer overflow in the internal PKCS #11 command handler and by an error in the implementation of the cryptographic firmware protection, which makes it possible to bypass the firmware verification based on a PKCS#1 v1.5 digital signature and to initiate loading of your own firmware into the HSM.

As a demonstration, modified firmware with an added backdoor was loaded; the backdoor remains active after subsequent installation of standard firmware updates from the manufacturer. It is claimed that the attack can be carried out remotely (the attack method is not specified, but it probably means replacing the downloaded firmware or passing specially crafted certificates for processing).

The problem was identified during fuzz testing of the internal implementation of the PKCS #11 commands offered by the HSM. The testing was set up by loading the researchers' own module into the HSM using the standard SDL. As a result, a buffer overflow was found in the PKCS #11 implementation, which turned out to be exploitable not only from the internal environment of the HSM, but also by accessing the PKCS #11 driver from the main operating system of the computer to which the HSM module is connected.

Next, the buffer overflow was exploited to execute code on the HSM side and bypass access restrictions. While studying the internals, another vulnerability was found that allows new firmware to be loaded without a digital signature. Finally, a custom module was written and loaded into the HSM, which dumps all the secrets stored in the HSM.

The name of the manufacturer whose HSM devices contain the identified vulnerabilities has not yet been disclosed, but it is claimed that the affected devices are used by some large banks and cloud service providers. It is reported that information about the problems was sent to the manufacturer earlier and that it has already fixed the vulnerabilities in a recent firmware update. Independent researchers suggest that the problem may be in devices from Gemalto, which in May released a Sentinel LDK update that fixes vulnerabilities, access to information about which is still closed.

Source: opennet.ru
