Nitrokey HSM - n-of-m threshold for DKEK backup: change key custodians


#1

I have multiple HSMs and using a 3-of-5 threshold for the DKEK to create a single security domain and backup the private keys to different HSMs works fine.
(Used sc-hsm-tool --create-dkek-share dkek-share.pbe --pwd-shares-threshold 3 --pwd-shares-total 5)

However, what is the recommended way for the following use case:
One of the 5 current key custodians is leaving and another one is joining.
The obvious straightforward procedure is that the former custodian hands over his/her key share to the new custodian.
But what if that share was lost, or the former custodian needs to be explicitly excluded from holding a share?

Or more generally: Is it possible to create a completely new 3-of-5 threshold - DKEK (involving 5 new key custodians) - and migrate the existing keys from the former security domain to the new one (by involving 3 of the old 5 key custodians)?


#2

Yes, you can create a completely new group of key custodians (as long as you “have” 3 custodians) and import the keys of your old group into it. Effectively this removes access of your departed custodians to the new group.


#3

sc-hsm-tool is missing a function to re-create pwd-shares for an existing DKEK.

The schema does actually have two layers:

The final DKEK is assembled in the sc-hsm from DKEK shares using an internal XOR operation. Each DKEK share is generated by the sc-hsm-tool using the card’s random number generator. The DKEK share is then encrypted using PBKDF from OpenSSL. The password for PBKDF is either entered directly or the result of a Shamir-Shared-Secret (n-of-m) algorithm.

If you want to recreate an n-of-m control for a DKEK share, then you would need to first reassemble the PBKDF using SSS, decrypt the DKEK share and then recreate n-of-m shares and re-encrypt the DKEK share.

It’s important to understand that the SmartCard-HSM/Nitrokey HSM supports two different n-of-m schemes: The n-of-m based on SSS to share a DKEK password and n-of-m using public key authentication to control access to the device. The former is part of the sc-hsm-tool, the latter is a function of the HSM.
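
Added example, not part of the thread and not sc-hsm-tool code: the re-keying procedure described in post #3 (recover the password with SSS, decrypt the DKEK share, create a new n-of-m split, re-encrypt), sketched in Python. The field prime, the integer password encoding and the PBKDF2-keystream-plus-HMAC wrapper are assumptions standing in for the tool's real parameters and .pbe file format.

```python
import hashlib, hmac, secrets

P = 2**127 - 1  # demo prime field (assumption, not the tool's parameter)

def split(secret, n, m):
    """Shamir split: random degree n-1 polynomial with f(0) = secret."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(n - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P)
            for x in range(1, m + 1)]

def recover(shares):
    """Lagrange interpolation at x = 0 over the supplied (x, y) shares."""
    total = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num = num * -xj % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def _keys(password, salt, length):
    pw = password.to_bytes(16, "big")
    km = hashlib.pbkdf2_hmac("sha256", pw, salt, 100_000, length + 32)
    return km[:length], km[length:]  # keystream, MAC key

def wrap(dkek_share, password):
    """Stand-in for the encrypted share file: XOR keystream plus HMAC tag."""
    salt = secrets.token_bytes(16)
    stream, mac_key = _keys(password, salt, len(dkek_share))
    ct = bytes(a ^ b for a, b in zip(dkek_share, stream))
    return salt + ct + hmac.new(mac_key, salt + ct, "sha256").digest()

def unwrap(blob, password):
    salt, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    stream, mac_key = _keys(password, salt, len(ct))
    if not hmac.compare_digest(tag, hmac.new(mac_key, salt + ct, "sha256").digest()):
        raise ValueError("wrong password for this DKEK share file")
    return bytes(a ^ b for a, b in zip(ct, stream))

def rekey(blob, old_shares, n, m):
    """Recover old password, decrypt, pick a new password, re-split, re-encrypt."""
    dkek_share = unwrap(blob, recover(old_shares))
    new_pw = secrets.randbelow(P)
    return wrap(dkek_share, new_pw), split(new_pw, n, m)
```

Re-keying leaves the DKEK share itself unchanged, so any retained copy of the old encrypted file still opens with three of the old password shares.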


#4

There is a presentation in [1] that gives an overview and a how-to at [2] (CDN access required) that shows the process step by step in the Smart Card Shell.

So far n-of-m authentication is only supported in OpenSCDP. For OpenSC there is a ticket [3] to get that integrated.

n-of-m authentication is also supported in the PKI-as-a-Service Portal [4] for locally and remote connected HSMs. The PKI-as-a-Service Portal is based on OpenSCDP.

[1] https://www.smartcard-hsm.com/2015/10/10/Shared_Control_over_Key_Usage.html
[2] https://devnet.cardcontact.de/documents/7
[3] https://github.com/OpenSC/OpenSC/issues/594
[4] https://www.smartcard-hsm.com/2018/02/13/pki-as-a-service.html