Otu ndị nyocha sitere na Ledger, ụlọ ọrụ na-emepụta obere akpa ngwaike maka cryptocurrency, ọtụtụ adịghị ike na ngwaọrụ HSM (), nke enwere ike iji wepụ igodo ma ọ bụ mee mwakpo dịpụrụ adịpụ iji dochie ngwa ngwa nke ngwaọrụ HSM. Ugbu a na-akọ nsogbu naanị na French, a na-eme atụmatụ akụkọ asụsụ Bekee n'August n'oge ogbako Blackhat USA 2019. HSM bụ ngwaọrụ mpụga pụrụ iche emebere iji chekwaa igodo ọha na nke nzuzo ejiri iji mepụta mbinye aka dijitalụ yana maka izo ya ezo data.
HSM na-enye gị ohere ịbawanye nchekwa nke ukwuu, ebe ọ na-ekewapụ igodo kpamkpam na sistemụ yana ngwa, na-enye naanị API maka imezu ihe mbụ cryptographic etinyere n'akụkụ ngwaọrụ. A na-eji HSM eme ihe na mpaghara ebe achọrọ nchekwa kachasị elu, dị ka ụlọ akụ, mgbanwe cryptocurrency, na ndị nwe asambodo maka ịchọpụta na imepụta asambodo na mbinye aka dijitalụ.
Ụzọ mbuso agha a tụrụ aro na-enye ohere ka onye ọrụ na-enwetaghị ikike nweta njikwa zuru oke n'ime ọdịnaya nke HSM, gụnyere iwepụta igodo cryptographic niile na nzere onye nchịkwa echekwara na ngwaọrụ ahụ. A na-akpata nsogbu ndị ahụ site na ntinye ihe nkpuchi na ime PKCS#11 onye na-ahụ maka iwu na njehie na mmejuputa nke nchekwa firmware cryptographic, nke na-enye gị ohere ịgafe nkwenye firmware site na iji PKCS#1v1.5 dijitalụ mbinye aka wee malite ntinye nke onwe gị. firmware n'ime HSM.
Dị ka ihe ngosi, ebudatara firmware gbanwetụrụ, nke agbakwunyere azụ azụ, nke na-anọgide na-arụ ọrụ mgbe emechara nrụnye nke mmelite firmware n'aka ndị nrụpụta. A na-ebo ebubo na enwere ike ịme mwakpo ahụ n'ime ime (usoro agha ahụ akọwapụtaghị, mana ọ nwere ike ịpụta dochie ngwa ngwa ebudatara ma ọ bụ bufee asambodo enyere maka nhazi).
Achọpụtara nsogbu ahụ n'oge nnwale fuzz nke mmejuputa iwu PKCS#11 nke a tụrụ aro na HSM. A haziri nnwale site na itinye modul ya na HSM site na iji SDL ọkọlọtọ. N'ihi ya, achọpụtara oke njupụta na ntinye nke PKCS # 11, nke tụgharịrị bụrụ nke a na-erigbu ọ bụghị naanị site na gburugburu ebe obibi nke HSM, kamakwa site na ịnweta onye ọkwọ ụgbọ ala PKCS # 11 site na isi sistemụ arụmọrụ nke kọmputa. nke ejikọrọ modul HSM.
Na-esote, ejiri njupụta nke ihe nchekwa ahụ mebie koodu n'akụkụ HSM wee kpochapụ paramita nnweta. N'oge ọmụmụ nke ndochi ahụ, achọpụtara adịghị ike ọzọ nke na-enye gị ohere ibudata firmware ọhụrụ na-enweghị mbinye aka dijitalụ. N'ikpeazụ, e dere modul omenala ma tinye ya na HSM, nke na-atụfu ihe nzuzo niile echekwara na HSM.
Egopụtabeghị aha onye nrụpụta nke ngwaọrụ HSM nke egosipụtara adịghị ike ya, mana ebubo na ngwaọrụ ndị nwere nsogbu na-eji ụfọdụ nnukwu ụlọ akụ na ndị na-enye ọrụ igwe ojii. A na-akọ na ezigara onye nrụpụta ozi gbasara nsogbu ndị ahụ na mbụ ma ọ kpochapụrụ adịghị ike na mmelite firmware ọhụrụ. Ndị nchọpụta onwe ha na-atụ aro na nsogbu ahụ nwere ike ịdị na ngwaọrụ sitere na Gemalto, nke na May Sentinel LDK nwelite na mkpochapụ nke adịghị ike, ịnweta ozi gbasara nke ka dị .
isi: opennet.ru