Beware: Townsend Key Management HSM for SQL Server

Today I received an email “newsletter” from the CEO of Townsend that announced a new product for database encryption:

Today we are excited to announce the availability of our new Alliance Key Manager for SQL Server (AKMSS). AKMSS is a Hardware Security Module (HSM) for encryption key management that protects access to your encryption keys.

A quick look at the specifications, however, and an odd gap appeared between the marketing language and the actual product.

First, they seem to have stretched the phrase “Hardware Security Module” (HSM) to mean software running on a standard Linux x86 system. HSM has long had a specific meaning in cryptography. Wikipedia, a general reference, gives us this:

[HSM] are physical devices that traditionally come in the form of a plug-in card or an external TCP/IP security device that can be attached directly to the server or general purpose computer. […] The tamper evidence, resistance, and response – tamper protection – are the key and major differences HSMs have from usual server computers acting as cryptographic accelerators.

The Townsend product does not appear to meet the basic definition of an HSM.

Second, Townsend’s own product specification page says they have achieved validation only to NIST FIPS 140-2 Level 1, which means software-based security is all that protects the keys. FIPS 140-2 Level 1 by definition implies a software-based crypto-module, since certification of cryptographic hardware begins at Level 2. A quick check of the NIST FIPS Validated Modules list reveals that item #1449 carries the following text:

When operated with the Red Hat Enterprise Linux 5 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #1320 operating in FIPS mode (approved algorithms retested on listed operating environment)

Townsend’s “HSM” thus derives its FIPS security from the open-source OpenSSL software module, which earned its FIPS certification through open-source community efforts; that OpenSSL crypto-module is their source of FIPS certification. That is a good start, but running this crypto-module outside FIPS mode would negate the FIPS-certified security.
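The point above is operational, not just a paper one: a validated OpenSSL module protects keys under its certificate only while it is actually in FIPS mode, and on Red Hat’s builds the usual switch is the kernel booted with fips=1, which the kernel reports through /proc/sys/crypto/fips_enabled. The following shell check is an added example written for this post, not code from Townsend or from the OpenSSL project; it reads that flag (the path argument exists only so the function can be run against a constructed file) and lets a deployment script refuse to proceed when the host is not in FIPS mode.

```shell
#!/bin/sh
# Added example (not from the original post or any vendor): report whether the
# Linux kernel FIPS flag is set. A FIPS 140-2 certificate for an OpenSSL module
# says nothing about a host where this flag reads 0, because the module is then
# not operating in its validated mode.
#
# fips_state [path]  -> prints "enabled", "disabled" or "unknown"
# The optional path lets the function be exercised against a constructed file;
# in production it is left at the default sysctl path.
fips_state() {
    flag_file="${1:-/proc/sys/crypto/fips_enabled}"
    if [ ! -r "$flag_file" ]; then
        # Kernel built without CONFIG_CRYPTO_FIPS, or not Linux at all.
        echo "unknown"
        return 0
    fi
    case "$(cat "$flag_file" 2>/dev/null | tr -d '[:space:]')" in
        1) echo "enabled" ;;
        0) echo "disabled" ;;
        *) echo "unknown" ;;
    esac
}

# Gate for an operator's audit or deployment script: succeed only when the
# kernel reports FIPS mode enabled; print the state either way.
require_fips() {
    state="$(fips_state "$1")"
    echo "kernel FIPS mode: $state"
    [ "$state" = "enabled" ]
}

# Stand-alone run: inspect the real flag on this host.
require_fips || echo "WARNING: the module's FIPS certificate does not apply to this host as configured"
```

Run it on the key-management host itself; on a box that reports "disabled" or "unknown", the FIPS certificate of the underlying OpenSSL module offers no assurance about how keys are being protected there.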

Note: searching for the string 1320 on the NIST list page shows that many companies derive their FIPS certification from OpenSSL, including IBM (see #1433).

Townsend Security makes a good case for the need for an HSM in the market, but judging from their product specification, that is not what they are actually offering for sale yet. It reads like a software-based key-management system running on a Linux system, relying on OpenSSL for its FIPS security. It does not provide the level of security that even a TPM would provide, let alone a cryptographic hardware security module certified to FIPS 140-2 Level 2 or above.

They suggest this product is a solution for compliance, but buyer beware. I find their marketing material misleading in that it equates low and high security levels:

Certified Solutions Ensures the Highest Level of Compliance with Regulations

Alliance Key Manager for SQL Server 2008 is certified to the FIPS 140-2 Level 1 specification.

Level 1 is the highest level? Um, no. Level 1 provides the lowest level of compliance with regulations. And they say it ensures…let’s not even go there.

One thought on “Beware: Townsend Key Management HSM for SQL Server”

  1. There is a subtle problem with encrypting in the database that many people are unaware of: the encryption/decryption is occurring at a layer well below that of the application layer. If an attacker were to compromise an intervening layer between the DB and the application, unencrypted data would become available to him. Take a look at slides 16-20 in this OWASP presentation – http://www.mediafire.com/file/jz5dyu1wiyk/EKM-1.0.pdf – it explains the vulnerability in graphic form.

    Arshad Noor
    StrongAuth, Inc.
