Stateless cryptography for virtual environments

Abstract

Migrating systems onto virtualized environments, such as cloud platforms, is becoming a business imperative. Such platforms offer the promise of higher resilience combined with a relatively low cost of ownership. The platforms also involve a number of challenges that hinder their adoption, and a primary concern involves security. These security concerns stem in part from vulnerabilities that underlying virtualization functionality introduces, such as the ability to capture and replay the execution state of a virtualized machine. In systems where security is paramount, HSMs (hardware security modules) are often used. HSMs provide a tamper-resistant environment for storing sensitive cryptographic material and for executing cryptographic operations using this material. HSMs may appear to be important components for enhancing the security of virtual environments; however, current implementations are not well suited for this purpose. In this paper, we describe a typical HSM solution stack based on the de facto industry standard called PKCS #11 (Public Key Cryptography Standard # 11). We explain the challenges introduced by virtualized platforms and show why the typical architectures based on PKCS #11 are not suitable for such environments. Finally, we describe an alternative IBM HSM solution called EP11 (Enterprise PKCS #11) and show how it addresses many of these challenges.