CloudHSM Deep-Dive · PDF file

Transcript of CloudHSM Deep-Dive (39 pages)

Page 1:

©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved

CloudHSM Deep-Dive

Dave Walker – Specialised Solutions Architect Security/Compliance

Amazon Web Services UK Ltd

Page 2:

CloudHSM

• Tamper-Proof and Tamper-Evident
  – Destroys its stored keys if under attack
• FIPS 140-2 Level 2 certified
• Base position is to be a Keystore
• Can also be used to timestamp documents
• You can send data for encrypt / decrypt
• Needs to be backed-up (ideally to an HSM on customer premises)
• Can (and should) be combined in HA clusters
• Is NOT a key management system
  – but can work with some third-party ones
• Communicates via:
  – PKCS#11
  – JCE
• Some applications need a “plugin”
  – SafeNet have one for Apache

Page 3:

CloudHSM Integration with S3, EBS, EC2

• S3
  – Integration using SafeNet KeySecure on EC2
  – White paper at http://www2.safenet-inc.com/AWS-guides/SafeNetKMIP_AmazonS3_IntegrationGuide.pdf
• EBS and EC2
  – Use SafeNet KeySecure (6.1.2 or later) on EC2, backed by CloudHSM, for key management
  – Install SafeNet ProtectV Manager on EC2 (c1.medium / m1.medium)
  – Install ProtectV Client on EC2 instances
  – Use ProtectV for EBS volume encryption (ext3, ext4, swap)
  – Supported platforms:
    • RHEL 5.8, 6.2, 6.3
    • CentOS 6.2
    • Microsoft Windows 2008, 2012
  – Encrypt full EBS-backed EC2 instances, including root volumes

Page 4:

AWS Databases and CloudHSM

• Redshift:
  – When using CloudHSM:
    • Redshift gets the cluster key from the HSM
    • Redshift generates a database key and encrypts it with the cluster key from the CloudHSM
    • Redshift encrypts data with the database key
    • Redshift supports re-encryption
• RDS
  – RDS / Oracle EE can use CloudHSM to store keys as per Oracle Wallet
    • So TDE can be HSM-backed
    • Note that in-memory database contents (once the database has been unlocked) are cleartext
      – RAM encryption is not something AWS has today, but it has been done in other contexts
        – Homomorphic encryption
        – Proof-of-concept with KVM
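The Redshift key hierarchy on this slide, modelled in Python as an added example (not code from the deck, from AWS or from SafeNet). The HSM stands in for CloudHSM and exposes only wrap, unwrap and rotate, so the cluster key never leaves it; the "cluster" generates a database key, keeps it only in wrapped form, and encrypts rows with it. Both kinds of re-encryption are shown: rotating the cluster key (re-wrap one blob) and rotating the database key (rewrite every block). The ToyHsm and ToyRedshiftCluster names and the HMAC-SHA256 keystream cipher are constructed for the illustration so it runs on the standard library; they are assumptions, not Redshift's or the Luna HSM's real algorithms or formats.

```python
import hashlib
import hmac
import os


def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher constructed for this example (not AES, and not what
    Redshift or the HSM use): XOR data with HMAC-SHA256(key, nonce || counter)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hmac.new(key, nonce + (offset // 32).to_bytes(8, "big"),
                         hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], block))
    return bytes(out)


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Fresh random nonce per message, prepended to the ciphertext."""
    nonce = os.urandom(16)
    return nonce + _keystream_xor(key, nonce, plaintext)


def decrypt(key: bytes, ciphertext: bytes) -> bytes:
    return _keystream_xor(key, ciphertext[:16], ciphertext[16:])


class ToyHsm:
    """Stand-in for CloudHSM: holds the cluster key and exposes only
    wrap / unwrap / rotate. Nothing outside this class ever reads the key."""

    def __init__(self) -> None:
        self._cluster_key = os.urandom(32)

    def wrap(self, key_material: bytes) -> bytes:
        return encrypt(self._cluster_key, key_material)

    def unwrap(self, wrapped: bytes) -> bytes:
        return decrypt(self._cluster_key, wrapped)

    def rotate_cluster_key(self, wrapped_keys: list) -> list:
        """Replace the cluster key and re-wrap the given keys under the new one.
        The unwrap / re-wrap happens inside the HSM boundary, so plaintext key
        material is never handed back to the caller."""
        old_key, self._cluster_key = self._cluster_key, os.urandom(32)
        return [encrypt(self._cluster_key, decrypt(old_key, w)) for w in wrapped_keys]


class ToyRedshiftCluster:
    """Stand-in for a Redshift cluster that keeps its cluster key in the HSM."""

    def __init__(self, hsm: ToyHsm) -> None:
        self.hsm = hsm
        # The database key is in the clear only transiently; at rest it is
        # stored wrapped by the cluster key.
        self.wrapped_db_key = hsm.wrap(os.urandom(32))
        self.blocks: list = []          # encrypted data blocks

    def _db_key(self) -> bytes:
        return self.hsm.unwrap(self.wrapped_db_key)

    def write(self, plaintext: bytes) -> None:
        self.blocks.append(encrypt(self._db_key(), plaintext))

    def read_all(self) -> list:
        key = self._db_key()
        return [decrypt(key, block) for block in self.blocks]

    def rotate_cluster_key(self) -> None:
        """Cheap rotation: only the wrapped database key changes."""
        (self.wrapped_db_key,) = self.hsm.rotate_cluster_key([self.wrapped_db_key])

    def rotate_db_key(self) -> None:
        """Expensive rotation: every stored block is re-encrypted."""
        old_key, new_key = self._db_key(), os.urandom(32)
        self.blocks = [encrypt(new_key, decrypt(old_key, b)) for b in self.blocks]
        self.wrapped_db_key = self.hsm.wrap(new_key)


def demo() -> dict:
    """Exercise both rotations and report what each one touched."""
    cluster = ToyRedshiftCluster(ToyHsm())
    for row in (b"row 1", b"row 2"):
        cluster.write(row)
    before = list(cluster.blocks)
    cluster.rotate_cluster_key()
    cluster_rotation_rewrote_data = cluster.blocks != before
    cluster.rotate_db_key()
    db_rotation_rewrote_data = cluster.blocks != before
    return {"cluster_key_rotation_rewrote_data": cluster_rotation_rewrote_data,
            "db_key_rotation_rewrote_data": db_rotation_rewrote_data,
            "rows": cluster.read_all()}


if __name__ == "__main__":
    print(demo())
```

What to take from it: rotating the cluster key re-wraps one small blob and touches none of the stored data, whereas rotating the database key rewrites everything; and because the HSM exposes only wrap and unwrap, the cluster key is never present in the caller's memory. The toy cipher is unauthenticated, which a real design would not accept.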

Page 5:

SafeNet Product Support for AWS

SafeNet Product | AWS Service(s) Supported | Notes
ProtectV and Virtual KeySecure for AWS | EC2 or VPC Instances and EBS Storage; GovCloud (Beta) | Requires SafeNet KeySecure (HW or Virtual); available in AWS Marketplace, as well as SafeNet sales channels
Virtual KeySecure for AWS | CloudHSM | Available in AWS Marketplace; CloudHSM supports Virtual KeySecure as the hardware root of trust for vKS master keys
StorageSecure | AWS Storage Gateway | SafeNet KeySecure Hardware (optional); iSCSI integration (however StorageSecure also supports CIFS, NFS, FTP, TFTP and HTTP protocols)
Luna SA 7000 HSM | CloudHSM; Redshift; RDS (via 3rd party vendor) | High availability; key synchronization; key management
Luna Backup HSM | CloudHSM | Key backup
ProtectApp | S3 and EBS volumes | Can be integrated with Amazon S3 Encryption Clients and AWS SDKs (Java and .NET); requires SafeNet KeySecure (HW or Virtual); can be installed on an EC2/VPC instance to protect data stored on EBS volumes
ProtectFile | EBS volumes and S3 | Requires SafeNet KeySecure (HW or Virtual)

Page 6:

Difference between CloudHSM and KMS

CloudHSM
• Single-tenant HSM
• Customer-managed durability and availability
• Customer-managed root of trust
• FIPS 140-2 validation
• Broad third-party app support
• Symmetric and asymmetric ops
• High fixed price ($16.5k/yr/HSM)

KMS
• Multi-tenant AWS service
• Highly available and durable key storage and management
• AWS-managed root of trust
• Extensive auditing
• Broad support for AWS services
• Symmetric encryption only
• Usage-based pricing

Page 7:

Why Customers Choose CloudHSM

• Reasons include:
  – Control
    • Complete control of encryption keys; AWS cannot access key material
    • Fine-grained control of how AWS assets can use your keys
  – Compliance
    • FIPS 140-2 Level 2 or 3 certification
    • Common Criteria EAL4 certification
  – Performance/Availability
    • When required, “local” CloudHSM is much better than on-prem
      – Network transit times
      – Usage patterns

Page 8:

Customer Control Over Keys

• Three reasons for this requirement
  – Regulatory (hard), Policy (soft) and Trust (soft)
• Soft requirements may be addressed by threat modelling
  – KMS can be simpler and less expensive for the customer to use
  – Important to engage the customer’s governance resources
• With CloudHSM, customers have absolute control and authority over keys through separation of duties

Page 9:

Separation of Duties

• Separation of duties is enforced by the HSM appliance itself, using RBAC

[Diagram: CloudHSM in the centre; the customer controls keys and crypto operations, AWS manages the appliance]

Page 10:

Third-Party Compliance Validation

• Requirements
  – PCI or other vertical-specific security standard
  – Government workloads (US, Canada, and others)
  – Enterprise policies increasingly require FIPS validation
• CloudHSM uses SafeNet Luna SA 7000 appliances
  – FIPS 140-2 Level 2 Validated
  – Common Criteria EAL4 Validated

Page 11:

Performance/Availability Advantages

• Customers may have existing on-prem HSMs
• Applications that require HSM access could leverage on-prem HSMs over VPN or DX
• Latency and availability characteristics of VPN or DX make CloudHSM desirable

Page 12:

Amazon Really Can’t Access Keys

• AWS has “appliance admin” access to the HSM
• Luna SA separates appliance admin from “security officer”
• Customer initialises the HSM themselves via SSH
• AWS never sees partition credentials
• Device is automatically wiped if unauthorised access is attempted
• Bottom line: you don’t have to trust AWS; you are trusting the HSM vendor (SafeNet) and third-party FIPS/CC validations

Page 13:

Operations

• Each HSM is dedicated to one customer
  – No sharing or partitioning of the appliance
• Customer is responsible for operating the HSMs in HA mode
  – SafeNet Client handles replication to multiple HSMs (up to 16)
  – SafeNet Client load balances across available HSMs
• Password authentication controls access to the HSM
  – PEDs (PIN Entry Devices) are not currently supported
• AWS monitors & manages the devices and network infrastructure
• See FAQ and Technical docs for additional details

Page 14:

CloudHSM Public API and SDK

• Self-service provisioning and management now supported through a public API
  – CreateHSM and DeleteHSM to provision and terminate HSMs
  – ModifyHSM permits changing the network configuration as well as setting up syslog forwarding
  – ListHSMs and DescribeHSM allow discovery and querying of provisioned HSMs
  – ListAvailableZones provides visibility into where CloudHSM capacity is available

Page 15:

CloudHSM Command Line Interface (CLI) Tools

• Provisioning and de-provisioning
  – Easy to provision an HSM, initialise it, and clone keys from existing HSMs
• Easier HSM management
  – Lots of automation in the CLI to reduce management effort
• Simpler HA configuration
  – Helps you build and maintain HSM high availability (HA) configurations
  – From 9 manual steps, interacting with the appliance shell directly
  – To 2 simpler steps: create-hapg, add-hsm-to-hapg (for each HSM)
• Source code available via open source license

Page 16:

CloudHSM for RDS Oracle TDE

• Transparent data encryption support for RDS Oracle databases
• Store master encryption keys in CloudHSM instances
• High availability support for two or more HSMs
• Up to 20 separate databases per HSM

Page 17:

Auditing

• CloudTrail
  – Track resource changes
  – Audit activities for security and compliance purposes
  – Review all CloudHSM API calls
• Syslog
  – Audit operations on the HSM appliance
  – Send syslog to a customer-built and managed collector
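The CloudTrail half of this slide, as an added example (not from the deck): a small detector run over constructed CloudTrail records that flags the state-changing CloudHSM API calls named on Page 14 (CreateHSM, DeleteHSM, ModifyHSM) and denied discovery calls, rating them by whether the caller is on an allow-list of operator roles. The event source string, the record layout, the account id, ARNs and IP addresses are assumptions and placeholders; check them against what your own trail emits.

```python
import json

# Assumed CloudTrail eventSource for classic CloudHSM; verify in your trail.
CLOUDHSM_EVENT_SOURCE = "cloudhsm.amazonaws.com"
# API names from the deck, split by whether they change state.
MUTATING_ACTIONS = {"CreateHSM", "DeleteHSM", "ModifyHSM"}
READ_ACTIONS = {"ListHSMs", "DescribeHSM", "ListAvailableZones"}

# Constructed sample trail (account id, ARNs, IPs are placeholders).
SAMPLE_TRAIL = json.dumps({"Records": [
    {"eventTime": "2015-03-01T10:00:00Z", "eventSource": CLOUDHSM_EVENT_SOURCE,
     "eventName": "DescribeHSM", "awsRegion": "eu-central-1",
     "sourceIPAddress": "10.0.1.10",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111111111111:assumed-role/hsm-operators/ops1"}},
    {"eventTime": "2015-03-01T10:05:00Z", "eventSource": CLOUDHSM_EVENT_SOURCE,
     "eventName": "DeleteHSM", "awsRegion": "eu-central-1",
     "sourceIPAddress": "10.0.1.10",
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::111111111111:assumed-role/hsm-operators/ops1"},
     "requestParameters": {"hsmArn": "arn:aws:cloudhsm:eu-central-1:111111111111:hsm-PLACEHOLDER"}},
    {"eventTime": "2015-03-01T11:00:00Z", "eventSource": CLOUDHSM_EVENT_SOURCE,
     "eventName": "ModifyHSM", "awsRegion": "eu-central-1",
     "sourceIPAddress": "203.0.113.7",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111111111111:user/contractor"},
     "requestParameters": {"syslogIp": "203.0.113.9"}},
    {"eventTime": "2015-03-01T11:01:00Z", "eventSource": CLOUDHSM_EVENT_SOURCE,
     "eventName": "DescribeHSM", "awsRegion": "eu-central-1",
     "sourceIPAddress": "203.0.113.7",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111111111111:user/contractor"},
     "errorCode": "AccessDenied"},
    {"eventTime": "2015-03-01T12:00:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances",
     "userIdentity": {"arn": "arn:aws:iam::111111111111:user/contractor"}},
]})


def load_records(text: str) -> list:
    return json.loads(text)["Records"]


def principal_name(arn: str) -> str:
    """Reduce an IAM or STS ARN to its user or role name, so that assumed-role
    sessions (assumed-role/<role>/<session>) match the role on the allow-list."""
    resource = arn.split(":", 5)[-1]
    parts = resource.split("/")
    return parts[1] if len(parts) > 1 else resource


def classify(record: dict, approved: set):
    """Return a finding for a CloudHSM record worth a look, else None."""
    if record.get("eventSource") != CLOUDHSM_EVENT_SOURCE:
        return None
    name = record.get("eventName", "")
    who = principal_name(record.get("userIdentity", {}).get("arn", ""))
    finding = {"time": record.get("eventTime"), "eventName": name,
               "principal": who, "sourceIP": record.get("sourceIPAddress")}
    if name in MUTATING_ACTIONS:
        # DeleteHSM is irreversible: the deck notes there is no "stop", only
        # "terminate", and re-provisioning repeats the upfront charge. ModifyHSM
        # can also redirect the appliance's syslog, i.e. the audit trail itself.
        unapproved = who not in approved
        finding["severity"] = "high" if (name == "DeleteHSM" or unapproved) else "medium"
        finding["reason"] = ("state change by unapproved principal" if unapproved
                             else "state change")
        return finding
    if name in READ_ACTIONS and record.get("errorCode") == "AccessDenied":
        finding["severity"] = "low"
        finding["reason"] = "denied discovery call"
        return finding
    return None


def scan(records: list, approved: set) -> list:
    return [f for f in (classify(r, approved) for r in records) if f]


if __name__ == "__main__":
    for finding in scan(load_records(SAMPLE_TRAIL), {"hsm-operators"}):
        print(finding)
```

The syslog side of the slide is complementary: CloudTrail shows who called the AWS API, while the appliance's own syslog (forwarded to the collector you run) shows what happened on the HSM, so a ModifyHSM that changes syslog forwarding deserves attention precisely because it can silence the second source.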

Page 18:

CloudHSM Use Cases

Page 19:

EBS Volume Encryption

• Master key stored in CloudHSM
• SafeNet ProtectV & KeySecure
• Instances with ProtectV client authenticate to KeySecure
• ProtectV client encrypts all I/O to EBS volume (AES256)

[Diagram: within an Availability Zone, customer applications with the SafeNet ProtectV client talk to SafeNet KeySecure, which is backed by CloudHSM]

Page 20:

Redshift Encryption

• Cluster master key in CloudHSM
• Direct integration: no client software required

[Diagram: your applications in Amazon EC2, the Amazon Redshift cluster, your encrypted data in Amazon Redshift, AWS CloudHSM]

Page 21:

Database Encryption (non-RDS)

• Customer-managed database in EC2
  – Oracle 11g & 12c with Transparent Data Encryption (TDE)
  – Microsoft SQL Server 2008 & 2012 with TDE
  – Master key in CloudHSM

[Diagram: your applications in Amazon EC2, your database with TDE in Amazon EC2, AWS CloudHSM; the master key is created in the HSM and never leaves]

Page 22:

Custom Software Applications

• Architectural building block to help you secure your applications
• Use standard libraries, with a back-end HSM rather than software-based crypto
  – PKCS#11, JCA/JCE, Microsoft CAPI/CNG/EKM
• Code examples and details in the CloudHSM User Guide make it easier to get started

Page 23:

Other Use Cases

• Customer use cases continue to emerge:
  – Enterprises using on-prem HSMs who want to move these workloads to the cloud
  – Startups who want to offer high-assurance services and achieve compliance
  – Enterprises who are not using HSMs for some of their on-prem apps but who want to use HSMs for these apps in the cloud
• Examples:
  – Object encryption
  – Digital Rights Management (DRM)
  – Document signing, secure document management & secure document repository
  – Payments, financial applications & transaction processing
  – Privileged account management
  – Certification authority (CA)

Page 24:

Using CloudHSM

Page 25:

Detailed Examples

• Building the CloudHSM Environment

• Configuring High Availability

• Integrating with RDS

Page 26:

Building a CloudHSM Environment

• Create customer infrastructure using CF template
• Install the CLI Tools
• Provision HSMs
• Initialise HSMs

Page 27:

Create Infrastructure with CF

Page 28:

Create Infrastructure with CF

Look up your AZ identifiers on the EC2 Dashboard, and use those names

Page 29:

Install CLI Tools on Control Instance

• SSH to control instance deployed by CF Template
• Download and install the CloudHSM CLI Tools

# Install python 2.7
sudo yum install python27
wget https://bitbucket.org/pypa/setuptools/raw/bootstrap/ez_setup.py
sudo python2.7 ez_setup.py

# Download and install the CloudHSM CLI Tools
wget https://s3.amazonaws.com/cloudhsm-software/CloudHsmCLI.egg
sudo easy_install-2.7 -s /usr/local/bin CloudHsmCLI-beta.egg

cloudhsm version
{
    "Version": "<version>"
}

• Assign an IAM role to your instance to permit CloudHSM API access

Page 30:

Provision HSMs

• Create two HSMs (one for each subnet)

$ cloudhsm -c cloudhsm.conf create-hsm --ssh-public-key-file cloudhsm_ssh.pub --iam-role-arn arn:aws:iam::315160724404:role/CloudHSM-FRA-CloudHsmRole-1ZEAT0Z2PB8P --subnet-id subnet-d244b0bb
{
    "HsmArn": "arn:aws:cloudhsm:eu-central-1:315160724404:hsm-f32462d6",
    "RequestId": "e55c9da1-7b5b-11e4-9222-dd57de14ff9c"
}

Page 31:

Provision HSMs

• Describe status, wait until status changes from “PENDING” to “RUNNING”

$ cloudhsm -c cloudhsm.conf describe-hsm -H arn:aws:cloudhsm:eu-central-1:315160724404:hsm-f32462d6
{
    "EniId": "eni-047fbd6d",
    "EniIp": "10.0.201.252",
    "HsmArn": "arn:aws:cloudhsm:eu-central-1:315160724404:hsm-f32462d6",
    "IamRoleArn": "arn:aws:iam::315160724404:role/CloudHSM-FRA-CloudHsmRole-1ZEAT0Z2PB8P",
    "Partitions": [],
    "RequestId": "2179b6f0-7b5c-11e4-a252-9d68fcf58947",
    "SerialNumber": "472673",
    "SoftwareVersion": "5.1.0-25",
    "SshPublicKey": "…",
    "Status": "RUNNING",
    "SubnetId": "subnet-d244b0bb",
    "SubscriptionStartDate": "2014-12-04T02:18:56.292Z",
    "SubscriptionType": "PRODUCTION",
    "VendorName": "SafeNet Inc."
}

Page 32:

Provision HSMs

• Look for the ENI with “CloudHSM Managed Interface, DO NOT DELETE!” in the description

Page 33:

Provisioning HSMs

• Change the ENI security group to the one with the description “Allows SSH and NTLS from the public subnet”

Page 34:

Initialize the HSM

$ cloudhsm -c cloudhsm.conf initialize-hsm -H arn:aws:cloudhsm:eu-central-1:315160724404:hsm-f32462d6 --label hsmLabel --cloning-domain cloningDomain --so-password sopassword
{
    "Status": "Initialization of the HSM successful"
}

Page 35:

Configure High Availability

• Create an HAPG (high availability partition group)

$ cloudhsm -c cloudhsm.conf create-hapg --group-label Partition_001
{
    "HapgArn": "arn:aws:cloudhsm:eu-central-1:315160724404:hapg-8e3be050",
    "RequestId": "ce3e1b17-7b64-11e4-a252-9d68fcf58947"
}

Page 36:

Configure High Availability

• Add the HSMs to the HAPG

$ cloudhsm -c cloudhsm.conf add-hsm-to-hapg -H arn:aws:cloudhsm:eu-central-1:315160724404:hsm-f32462d6 --hapg-arn arn:aws:cloudhsm:eu-central-1:315160724404:hapg-8e3be050 --cloning-domain cloningDomain --partition-password partitionPassword --so-password sopassword
{
    "Status": "Addition of HSM arn:aws:cloudhsm:eu-central-1:315160724404:hsm-f32462d6 to HAPG arn:aws:cloudhsm:eu-central-1:315160724404:hapg-8e3be050 successful"
}

(then do it again for the second HSM)
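The provisioning procedure from Pages 30 to 36, driven end to end from Python as an added example (not the deck's code, and not part of the CloudHSM CLI tools project). It shells out to the `cloudhsm` CLI with the same subcommands and flags the slides show: create-hsm per subnet, poll describe-hsm until the status leaves PENDING, initialize-hsm, one create-hapg, then add-hsm-to-hapg for each HSM. The security-group change the deck makes in the console (Pages 32 and 33) is done here with `aws ec2 modify-network-interface-attribute` on the EniId that describe-hsm returns; that the aws CLI is installed is an assumption. All ARNs, subnet ids, the security group id and the credentials are placeholders, and `poll_until_running` takes the describe call and the sleep function as parameters so the wait logic can be exercised without an HSM.

```python
import json
import os
import subprocess
import time

CONF = "cloudhsm.conf"   # the CLI config file used on every slide


def run_cli(*args) -> dict:
    """Run one `cloudhsm` CLI command and parse the JSON it prints."""
    proc = subprocess.run(["cloudhsm", "-c", CONF, *args],
                          check=True, capture_output=True, text=True)
    return json.loads(proc.stdout)


def poll_until_running(describe, max_polls: int = 60, sleep=time.sleep) -> int:
    """Call describe() (which returns a describe-hsm reply) until Status is
    RUNNING and return the number of polls taken. Anything other than PENDING
    or RUNNING is a failure to surface, not something to wait out."""
    for n in range(1, max_polls + 1):
        status = describe().get("Status")
        if status == "RUNNING":
            return n
        if status != "PENDING":
            raise RuntimeError(f"HSM entered unexpected status {status!r}")
        sleep(30)
    raise TimeoutError(f"HSM still not RUNNING after {max_polls} polls")


def attach_security_group(eni_id: str, sg_id: str) -> None:
    """Pages 32-33 done with the aws CLI (assumed installed): put the HSM's
    managed ENI in the group that allows SSH and NTLS from the public subnet."""
    subprocess.run(["aws", "ec2", "modify-network-interface-attribute",
                    "--network-interface-id", eni_id, "--groups", sg_id], check=True)


def build_ha_group(subnet_ids, iam_role_arn, ssh_pubkey_file, sg_id,
                   hsm_label, group_label, cloning_domain,
                   so_password, partition_password) -> str:
    """Provision one HSM per subnet, bring each to RUNNING and initialise it,
    then build the HAPG. The cloning domain must be the same on every HSM in
    the group, which is why one value is used for both steps. Returns the HAPG ARN."""
    hsm_arns = [run_cli("create-hsm", "--ssh-public-key-file", ssh_pubkey_file,
                        "--iam-role-arn", iam_role_arn, "--subnet-id", subnet)["HsmArn"]
                for subnet in subnet_ids]
    for arn in hsm_arns:
        poll_until_running(lambda arn=arn: run_cli("describe-hsm", "-H", arn))
        attach_security_group(run_cli("describe-hsm", "-H", arn)["EniId"], sg_id)
        run_cli("initialize-hsm", "-H", arn, "--label", hsm_label,
                "--cloning-domain", cloning_domain, "--so-password", so_password)
    hapg_arn = run_cli("create-hapg", "--group-label", group_label)["HapgArn"]
    for arn in hsm_arns:
        run_cli("add-hsm-to-hapg", "-H", arn, "--hapg-arn", hapg_arn,
                "--cloning-domain", cloning_domain,
                "--partition-password", partition_password,
                "--so-password", so_password)
    return hapg_arn


if __name__ == "__main__":
    # Placeholder ids; the two secrets come from the environment rather than
    # being hard-coded, although the CLI itself still takes them as arguments.
    print(build_ha_group(
        subnet_ids=["subnet-PLACEHOLDER-a", "subnet-PLACEHOLDER-b"],
        iam_role_arn="arn:aws:iam::111111111111:role/PLACEHOLDER-CloudHsmRole",
        ssh_pubkey_file="cloudhsm_ssh.pub",
        sg_id="sg-PLACEHOLDER",
        hsm_label="hsmLabel",
        group_label="Partition_001",
        cloning_domain="cloningDomain",
        so_password=os.environ["CLOUDHSM_SO_PASSWORD"],
        partition_password=os.environ["CLOUDHSM_PARTITION_PASSWORD"]))
```

Run it on the control instance after the CLI tools are installed and the IAM role is assigned (Page 29). The SO and partition passwords still reach the CLI as command-line arguments, exactly as on the slides, so for the duration of each call they are visible in the process list on that instance; keeping the control instance single-purpose and its access tightly scoped is the mitigation the deck's own design implies.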

Page 37:

Done!

• After this, you are ready to set up custom software with SafeNet clients, RDS integration, customer-managed databases, and more.
• Comprehensive documentation available at http://aws.amazon.com/cloudhsm

Page 38:

CloudHSM Pricing and Trials

• An HSM provisioned in any region has a $5,000 one-time charge, then is metered hourly after that
• There is no “stop”, only “terminate”
  – We know this is challenging, since re-provisioning will incur another $5,000 upfront charge
• 30-day trials are available for customers on premium support
  – Access these by opening a case with dev support

Page 39:

Conclusion

• HSMs, for basic key storage and bulk crypto, are available in AWS, if you need them
• They’ll have better performance than on-prem HSMs, owing to co-location
• CloudHSM (and HSMs in general) aren’t for everyone
  – Customers need trained staff, tight operational practice