Hardening HSM Clusters: Resolving Key Sync Vulnerabilities for Robust CU Isolation
摘要
This paper exposes critical vulnerabilities in key syncing within Hardware Security Module (HSM) clusters, revealing design flaws that bypass user authorization and make cluster objects accessible to anyone within the cluster. In an ideal HSM cluster, objects should be shared across partitions for availability, yet their usage must remain restricted to their creating user for security. However, when using the Partition Crypto Officer (PCO) for syncing, objects become cluster-shared, but encrypting them with a masking key—unique per partition yet accessible to all users of the partition—compromises the user-owned property. We demonstrate how this lack of user isolation can be exploited to extract sensitive information from clusters. The issue is further exacerbated by data encryption/decryption APIs that fail to enforce segregation between key-wrapping and data-encryption algorithms, exposing plaintext keys at the HSM boundary. To counter these threats, we propose two robust solutions: (1) a nonce-based approach, where the Hierarchical Deterministic (HD) wallet [3] is path-restricted per user, and users derive transport keys for masking objects using a combination of a nonce and the masking key; and (2) a public-key-based model, where each Crypto User (CU) in the HSM is assigned an independent key pair upon creation and uses this user-specific key pair to encrypt their respective objects in the cluster. Through detailed demonstrations, we illustrate how these approaches establish CU isolation in widely deployed cloud HSM clusters, effectively mitigating the identified vulnerabilities.