

Building a More Assured Hardware Security Module [pdf] - bracewel
https://ripe69.ripe.net/presentations/136-141106.ripe-cryptech.pdf

======
MichaelGG
Regarding HSMs, a great read is the Cambridge team that broke the Luna CA3
Chrysalis HSM. A great reversing tale. "Unwrapping the Chrysalis":
[http://www.war-room.co.uk/~dc352/UCAM-CL-TR-592.pdf](http://www.war-
room.co.uk/~dc352/UCAM-CL-TR-592.pdf)

Search around for more- I remember them having a few different write-ups.

~~~
JoachimS
Great tip, thanks!

------
bonobo
The wiki[1] says that

" _Recent revelations have called into question the integrity of some of the
implementations of basic cryptographic functions and devices used to secure
communications on the Internet. There are serious questions about algorithms
and about implementations of those algorithms in software and particularly
hardware._ "

I'm curious about that, does anybody here know about these _recent
revelations_? I understand the feeling, but I don't remember seeing any news
about the security of HSM recently, or ever actually.

[1]: [http://wiki.cryptech.is](http://wiki.cryptech.is) \-- see JoachimS'
comment

------
bobmagoo
Man powerpoint presentations after the fact are all but useless for conveying
the original point.

------
vvanders
Might not want to use pink comic sans on a slide deck if you want be taken
seriously...

~~~
corysama
I'm not sure if it's the NetBSD crowd or some general crypto-focused
community, but there's a theme going on about presenting and publishing on
security in comic sans. The goal is to see what you are more focused on: the
slickness of the presentation or the correctness of the code.

[https://mobile.twitter.com/Nambitious/status/595230807138111...](https://mobile.twitter.com/Nambitious/status/595230807138111489)

~~~
pyvpx
many OpenBSD developers use comic sans intentionally in their presentations.

~~~
corysama
That's it. I said NetBSD, but meant OpenBSD.

------
mey
Where is the call to action (where do you engage to get involved?)

~~~
JoachimS
The front page is here: [https://cryptech.is](https://cryptech.is) More tech
info etc are here: [http://wiki.cryptech.is](http://wiki.cryptech.is)

We use mail lists. The second link Provides links to archives, sign up info.
There you also find web access to all repos.

And if there are questions esp related to the digital HW side of Cryptech just
ask and I'll try to answer.

~~~
imrehg
BTW, your wiki's certificate is untrusted, because it was issued for
"bikeshed.cryptech.is".

~~~
JoachimS
Yes, that is correct and by design.

It boils down to (the lack of) trust in the CAs and the HSMs they use.
Basically.

