How to migrate ECC keys to an HSM
Today it is easy to generate ECC keys for cryptographic operations. But storing the sensitive private key data is most crucial for any service utilizing the key. In this article we show how to generate an ECC key but most important how to migrate already generated keys to an Hardware Security Module – HSM.
In this post we use the se.SAM™ N200 Crypto Appliance as secure key storage. The network device is able to store hundred thousand of cryptographic keys and securely perform cryptographic operations without unfolding any private keys. The HSM device typically is not to speed up cryptographic operations, in fact it may be slower than using a software key on a client or server. But it strongly protects cryptographic keys and allows centralized backups of keys and key lifecycle management including periodical key rotation.
Generate a ECC software key (which later we will migrate to the HSM)
To generate an ECC key we use OpenSSL available for various platforms including Windows and Linux. You find a full reference of OpenSSL ecparam under this link.
$ openssl ecparam -genkey -name prime256v1 -noout -out ecc_private.pem $ cat ecc_private.pem -----BEGIN EC PRIVATE KEY----- MHcCAQEEINeoWaJA5GCwb4FbUggQIcJksX4IW9tT6Px+0b5a3MIWoAoGCCqGSM49 AwEHoUQDQgAEemjh2jiP8jXpTuod66UhMVNWVs4uxgrg1ai6CUK7zazQWkzJZ122 DiCeG5X3D4FfifMawXeACLRRPw4rAXLrTw== -----END EC PRIVATE KEY-----
Extract private key of an ECC key
Use the ecc_private.pem or any other private ECC key previously generated and display its key details:
$ openssl ec -in ecc_private.pem -text -noout read EC key Private-Key: (256 bit) priv: c5:76:41:44:a6:60:3f:50:59:cb:89:90:17:0c:99: ac:05:c5:38:c8:25:a9:aa:d3:7a:ec:fc:dd:78:8b: 51:72 pub: 04:5f:9e:63:87:d3:60:f0:9f:41:e9:fc:52:2f:af: 2d:df:5e:89:e2:0e:80:e5:4f:b5:41:a3:5d:66:bb: bd:d8:73:46:8d:19:81:fc:9b:3b:80:ab:3c:03:4d: bd:13:ed:45:f6:27:67:d9:a7:d1:23:3c:20:d2:f6: 7b:46:a0:fe:29 ASN1 OID: prime256v1 NIST CURVE: P-256
The content of priv: is the private key value. Just remove the colons to get its unique HEX value:
ECC private key: c5764144a6603f5059cb8990170c99ac05c538c825a9aad37aecfcdd788b5172
How to migrate / import an ECC key on the HSM?
The se.SAM™ N200 Crypto Appliance supports a function named “importecckey”:
importecckey
This function allows to import an ECC private key in RAW format to be used within the current crypto domain. There is no need to import the public key, as it will be calculated automatically from the private key during the import.
To import an ECC key by its private key values to the HSM just complete the following URL and load the URL within an authenticated HSM session:
https://{hsmhostname}/n200/importecckey/FFFF/{HSM-key-pin}/c5764144a6603f5059cb8990170c99ac05c538c825a9aad37aecfcdd788b5172/
A typical result of the HSM REST-API request is:
{ "command": "importrsakeycrt", "core": 1, "result": "hsm0101237A8C224FC92BEE0000000000001776" }
The key is imported to the HSM already and now is available as key reference hsm0101237A8C224FC92BEE0000000000001776. You can securely sign, verify, and perform all other cryptographic operations supported by the HSM without worrying about the private key.
Hints:
- Secure your key assets! Software keys are unsecure, as they can be copied at any time. So, don’t forget to complete your migration by deleting the software key after importing!
- Elliptic Curve Cryptography (ECC) keys and operations are much faster than RSA keys and operations. For new projects we strongly advise the use of ECC.
- Beside the German Bundesamt für Informationssicherheit BSI recommends Brainpool keys it is safe to use publicly recommended NIST and SECP curves as well. If you are planning a Certificate Authority (CA) most modern IT systems will support X.509 certificate chains with ECC keys, even mixed CAs where the Root-CA is based on RSA keys and Issuing CAs are issuing ECC X.509 certificates are commonly supported. Just give ECC CAs a try!
- Owner of an HSM should not generate keys in software and import those keys to the HSM. The more secure process is to directly generate keys on the HSM and eliminate the risk of losing a software key.
Please note our previous post how to import RSA keys to an HSM.