[ksk-rollover] ICANN to generate new KSK

Andres Pavez andres.pavez at iana.org
Thu Feb 29 19:50:43 UTC 2024

Hi Mike,


Thales Luna USB G7 HSM is a standalone hardware cryptographic module. The cryptographic module is contained in its own enclosure that provides physical resistance and tamper-evidence. Any tampering that might compromise a module's security is detectable by visual inspection of the physical integrity of a module.

Within the plastic enclosure, a hard opaque epoxy covers the circuitry of the cryptographic module. Attempts to remove this epoxy will cause sufficient damage to the cryptographic module so that it is rendered inoperable.


The module is designed to sense and respond to out-of-range temperature conditions as well as out-of-range voltage conditions. The temperature and voltage conditions are monitored in the power-on state. If the module senses an out-of-range temperature or over voltage, the module will reset itself, clear all working memory and log the event.


The module is accessed directly (i.e., electrically) over the USB interface. It also has an LCD touchscreen for displaying system status.


It has a small internal backup battery (3.6V) that is only used to power the module's real-time clock.


The HSM will be stored in a Secure Transport Mode (STM). A random string and a fingerprint of the internal state of the module are output from the module. The fingerprint is a SHA2-256 digest of the random string, module CSPs, firmware, module configuration information, and non-volatile memory. Only the HSM Security Officer (SO) credential can put the module into STM and take it out of STM.


Additionally, the HSM will be stored in a Tamper-Evident Bag (TEB) inside of the safe.


More information about the analysis of the HSM selection can be found here https://www.icann.org/en/system/files/files/hardware-security-module-replacement-2024-28feb24-en.pdf 

This goes into detail outlining the differences between the FIPS security levels, tamper monitoring levels, etc.


Responding to your specific questions:


Is there an internal battery?
Only the small internal backup battery (3.6V) is used to power the module's real-time clock.

Is it replaceable?

How often does this USB HSM need to be plugged into power to maintain the internal battery?
It doesn't have an internal battery to power the cryptographic module.

What happens if you leave it in a safe for a year - or alternately, how long can the unit remain unplugged before it wipes its keys?
The keys will remain in the HSM as long as the HSM is not tampered with.

What's the lifetime of the battery before replacement?
There is no battery to power the cryptographic module that needs replacement.

Best regards,


Andres Pavez

Cryptographic Key Manager
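
The Secure Transport Mode fingerprint described above works as a detective control: the module emits a random string and a digest of its state before storage, and the operator recomputes and compares after retrieval. The following is an added illustration of that check, not Thales's or ICANN's code; the way the components are combined (length-prefixed, in a fixed order) and the state fields are assumptions made for the model, and all sample state is constructed inline.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass


@dataclass(frozen=True)
class ModuleState:
    """Constructed stand-in for the state the STM fingerprint covers
    (CSPs, firmware, configuration, non-volatile memory)."""
    csps: bytes
    firmware: bytes
    config: bytes
    nvm: bytes


def stm_fingerprint(random_string: bytes, state: ModuleState) -> str:
    """SHA-256 over the random string and each state component.

    Each part is length-prefixed (an assumption of this model) so that two
    different splits of the same bytes cannot collide. The random string is
    generated fresh on every entry into STM, so a fingerprint cannot be
    precomputed for a known firmware/config image.
    """
    h = hashlib.sha256()
    for part in (random_string, state.csps, state.firmware, state.config, state.nvm):
        h.update(len(part).to_bytes(4, "big"))
        h.update(part)
    return h.hexdigest()


def enter_stm(state: ModuleState) -> tuple[bytes, str]:
    """Model of entering STM: emit (random string, fingerprint) to be recorded
    out-of-band (e.g. on the ceremony script) before the module is bagged."""
    random_string = os.urandom(32)
    return random_string, stm_fingerprint(random_string, state)


def verify_on_exit(random_string: bytes, recorded: str, current: ModuleState) -> bool:
    """Model of the check on leaving STM: recompute over the current state and
    compare in constant time against the value recorded before storage."""
    return hmac.compare_digest(stm_fingerprint(random_string, current), recorded)


def demo() -> tuple[bool, bool]:
    """Returns (unchanged_module_verifies, altered_module_verifies)."""
    # Constructed sample state; real values are opaque to the operator.
    original = ModuleState(
        csps=b"ksk-wrapping-key-material",
        firmware=b"luna-g7-firmware-image",
        config=b"fips-mode=1;stm=1",
        nvm=b"partition-table",
    )
    rs, fp = enter_stm(original)

    # Same module, untouched: fingerprint must match.
    unchanged_ok = verify_on_exit(rs, fp, original)

    # Same module with one configuration byte altered while stored.
    altered = ModuleState(original.csps, original.firmware,
                          b"fips-mode=0;stm=1", original.nvm)
    altered_ok = verify_on_exit(rs, fp, altered)
    return unchanged_ok, altered_ok


if __name__ == "__main__":
    print(demo())  # expected: (True, False)
```

The comparison is only as good as the record of the fingerprint: the random string and digest emitted at entry have to be written down or attested somewhere the stored module cannot influence, which is why it pairs naturally with the tamper-evident bag and the ceremony logs rather than replacing them.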


On 2/29/24, 10:21, "ksk-rollover on behalf of Michael StJohns via ksk-rollover" <ksk-rollover-bounces at icann.org on behalf of ksk-rollover at icann.org> wrote:


Hi -


The product brief for the Luna USB G7 doesn't provide a lot of data.  The previous HSM provided level four hardware protection - e.g. a tamper perimeter and the ability to zeroize the keys if someone tried to decap the thing.  That's almost entirely dependent on having a constant power source - usually a three stage line/battery/capacitor model.


On the PCI cards, there's a Li ion battery - a rather large one - on the card just in front of the tamper covered HSM engine.  See https://thalesdocs.com/gphsm/luna/7/docs/pci/Content/install/pci_hw_install/battery_replace.htm


The older luna USB HSM had a battery compartment - I can't see one on the images I've been able to find of the current one.  It was also at most a Level 2 device with L3 security.


My questions are these: Is there an internal battery? Is it replaceable? How often does this USB HSM need to be plugged into power to maintain the internal battery?  What happens if you leave it in a safe for a year - or alternately, how long can the unit remain unplugged before it wipes its keys?  What's the lifetime of the battery before replacement?


Later, Mike





On 2/28/2024 7:20 PM, James Mitchell via ksk-rollover wrote:

ICANN has announced the schedule to generate the next KSK.


Generating a new KSK restarts the process announced last year, which was suspended after it was identified that a supplier of key equipment used to store the KSK (known as a Hardware Security Module, or HSM) would be exiting the business during the expected lifespan of the new KSK.


The next KSK will be generated on new Thales Luna USB G7 HSMs.


The announcement and information regarding the new HSMs is published at https://www.icann.org/en/announcements/details/icann-to-generate-new-dns-cryptographic-key-at-april-2024-ceremony-28-02-2024-en.


James Mitchell



