#YubiHSM

Fuck my life, a #YubiHSM can:

- Attest asymmetric keys
- Generate asymmetric wrap keys
- CANNOT attest asymmetric wrap keys

I.e. when you're trying to back up your HSM to another HSM, it's cryptographically impossible to prove that it will be encrypted to the HSM you intend to.


Having played with a #YubiHSM for about 4 full days, I'm kind of happy with the choice! 😁 That said, it also falls short in a number of places, so your mileage may vary (also some places where I needed it not to fall short). 🧵


Sigh, seems my enthusiasm was premature. The #YubiHSM audit logs are not digitally signed and there is no way to have the HSM attest them.

That means I can just forge an arbitrary audit journal and publish that. Only physically querying the HSM can prove it's real or fake. 🤮


For my @dark.bio genomic project, I'm still debating how much to open source, but what I'd definitely like open is an audit trail of the things I signed with the root keys.

To that end, I've been exploring how to create a publicly verifiable #YubiHSM audit log. 1/N 🧵


New root of trust for my @dark.bio genomic Arks. 🥳 Because I don't want to trust myself to not mess up handling the root keys. Also because I can generate an audit log of signatures to prove nothing malicious was ever signed. #yubihsm #darkbio

Yubico issues security advisory for YubiKey, Security Key, and... Yubico Support: Summary A vulnerability was discovered in Infineon’s cryptographic library, which is utilized in YubiKey 5 Series, and Security Key Series with firmware prior to 5.7.0 and YubiHSM...

#Yubico issues security advisory for #YubiKey, #SecurityKey, and #YubiHSM private key recovery #vulnerability #YubiKey5
www.elevenforum.com/t/yubico-iss...
