[ksk-rollover] followup of DNSSEC Workshop at ICANN64
Michael Richardson
mcr+ietf at sandelman.ca
Mon Mar 18 14:59:00 UTC 2019
Hi, thank you for the reply and context.
S Moonesamy <sm+icann at elandsys.com> wrote:
> At 01:24 PM 17-03-2019, Michael Richardson wrote:
>> Brute force is not the only attack: there are possible "Mission
>> Impossible"-like exfiltration attacks against the HSM(s). Do these
>> attacks
>> depend upon how many keys there are? I don't think so.
> After the last KSK Ceremony, there was a discussion with the Root Zone
> Manager (Public Technical Identifiers) about the physical controls for
> the facility [1] where some of the HSMs are located. I took the
> concerns raised on the different threads [2] into account for that
> discussion. The issue, as I see it, is not whether an "exflitration
> attack" could happen; it is whether
> it will be detected and publicly disclosed.
I am not addressing the absolute risk of exfiltration attacks,
but rather asking if having more keys in the HSM causes a relative
change to the risk of exfiltration attacks.
More keys generated might mean that the HSM is unlocked more often,
but I don't think this would be the case. My understanding is that the HSMs
need to be acccessed on a regular basis by the Security Officers anyway in
order to sign new ZSKs.
--
Michael Richardson <mcr+IETF at sandelman.ca>, Sandelman Software Works
-= IPv6 IoT consulting =-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: <http://mm.icann.org/pipermail/ksk-rollover/attachments/20190318/ade40b79/signature.asc>
More information about the ksk-rollover
mailing list