Transparency.dev Summit
Transparent transparency hardware

Hardware security modules (HSMs) and transparency technology complement each other. For example, a transparency-capable HSM can help add transparency to legacy systems such as UEFI Secure Boot, which uses RSA signatures and is unlikely to support spicy signatures anytime soon. To do that, we need an HSM that is sufficiently open and flexible.

This talk will explain how the radically open-source Tillitis TKey and Tillitis HSM work, and report the current state of development of our transparency apps for these devices. These include a general-purpose signer app that only signs a message if it is already published in a transparency log, as well as log and witness signing apps that can mitigate split views at the hardware level.


Speaker

Fredrik Strömberg is Head of Research at the Amagicom group, consisting of Mullvad VPN, Tillitis and Glasklar Teknik. He is a co-designer of System Transparency, Sigsum, Tillitis TKey and Tillitis HSM, among other open-source software and hardware projects.