NTLS and STC

SafeNet Luna Network HSM supports network connections over two different types of channels:

>NTL (Network Trust Link)

>STC (Secure Trusted Channel)

NTLS

Network Trust Links (NTLs) are secure, authenticated network connections between the SafeNet Luna Network HSM appliance and clients. NTLs use two-way digital certificate authentication and TLS data encryption to protect your sensitive data during all communications between HSM partitions on the appliance and its clients. NTLs are made up of:

>NTLS: Network Trust Link Server, on the appliance

>NTLA: Network Trust Link Agent, on the client

>NTL itself: a secure connection between NTLS and an authenticated NTLA

NTLS Connection shows how an NTL connection is made between the client and the appliance.

Figure 1: NTLS Connection

Certificates are created on both the appliance and the client. These certificates are exchanged to register the appliance and client with each other. Once registered, the appliance will recognize the client and allow it access to the HSM and partitions it wants. NTLS encrypts data between the network interfaces of the appliance (shown as eth0 in the diagram) and client, but not between the network interface and the HSM within the appliance.

The SafeNet Luna Network HSM appliance can support up to 800 simultaneous NTL connections.

STC

STC (Secure Trusted Channel) uses secure key exchange and data encryption to protect your sensitive data during communications between HSM partitions and clients. The type of data encryption you use is up to you; STC is flexible and customizable.

STC supports a wide range of end-points, but its primary end-points are client applications connecting to the HSM to access its cryptographic services and/or to perform module management functions. STC provides three basic services:

>Privacy of all communicated data through the use of symmetric encryption, so only the end-points can read any sensitive data.

>Integrity of the communicated data through the use of message authentication codes, so that no eavesdropper can add, delete, modify or replay any command or response.

>Mutual authentication of the HSM and the end-point, so that only authorized entities can establish an STC connection and there can be no man-in-the-middle attack.

STC Connection shows how an STC connection is made between the client and the appliance.

Figure 2: STC Connection

STC connects a client directly to a specific partition on the HSM in the appliance.

The STC connection consists of two phases: tunnel establishment and message handling. During tunnel establishment the end-parties perform bi-directional authentication and then establish unique session keys for each connection. After a connection is established between the network interfaces of the appliance (shown as eth0 in the diagram) and client, the message handling phase securely transmits commands to the HSM and receives HSM responses. Any attempt to alter, insert or drop messages is detected by both end-points and results in immediate termination of the connection.
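The two phases described above, as an added example written for this page (it is not Thales' STC code and does not reproduce the STC wire format): tunnel establishment with bi-directional authentication and per-connection session keys, then message handling with encrypt-then-MAC records and strict sequence numbers, where any altered, replayed, reordered, dropped or truncated record closes the tunnel. Assumptions, so that it runs offline on the standard library alone: a constructed pre-shared secret stands in for the certificate-based identities real STC uses, the HMAC-SHA256 counter-mode stream stands in for a real symmetric cipher, and the record layout (8-byte sequence number, ciphertext, 32-byte tag) is invented here. The `Endpoint`, `establish`, `roundtrip`, `mutual_auth_holds` and `attack_detected` names are all this example's own.

```python
import hashlib
import hmac
import os
import struct


class TunnelClosed(Exception):
    """Authentication failed or tampering was detected; the tunnel is torn down."""


class Endpoint:
    """One end of the channel, role 'client' or 'hsm'. ASSUMPTION (not STC): the
    identity is a shared long-term secret instead of a certificate."""

    def __init__(self, role: str, long_term_secret: bytes):
        self.role, self.secret, self.open = role, long_term_secret, False

    # -- phase 1: tunnel establishment (mutual authentication, fresh session keys) --
    def hello(self) -> bytes:
        self.nonce = os.urandom(16)
        return self.nonce

    def prove(self, peer_nonce: bytes) -> bytes:
        self.peer_nonce = peer_nonce
        # The proof binds our role and both nonces, so it cannot be replayed or reflected.
        return hmac.new(self.secret, self.role.encode() + self.nonce + peer_nonce,
                        hashlib.sha256).digest()

    def verify_and_derive(self, peer_role: str, peer_proof: bytes) -> None:
        expected = hmac.new(self.secret, peer_role.encode() + self.peer_nonce + self.nonce,
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, peer_proof):
            raise TunnelClosed("peer authentication failed")
        # Session keys are unique per connection because both nonces are fresh;
        # separate keys per direction and per purpose (encryption vs. MAC).
        prk = hmac.new(self.secret, b"".join(sorted([self.nonce, self.peer_nonce])),
                       hashlib.sha256).digest()
        derive = lambda label: hmac.new(prk, label, hashlib.sha256).digest()
        c2h = (derive(b"client->hsm enc"), derive(b"client->hsm mac"))
        h2c = (derive(b"hsm->client enc"), derive(b"hsm->client mac"))
        (self.send_enc, self.send_mac), (self.recv_enc, self.recv_mac) = \
            (c2h, h2c) if self.role == "client" else (h2c, c2h)
        self.send_seq = self.recv_seq = 0
        self.open = True

    # -- phase 2: message handling (encrypt-then-MAC, strict sequence numbers) --
    @staticmethod
    def _xor_stream(key: bytes, seq: int, data: bytes) -> bytes:
        # Toy counter-mode stream cipher built from HMAC-SHA256 (a real channel
        # would use an AEAD such as AES-GCM); keystream is bound to the sequence number.
        ks = b"".join(hmac.new(key, struct.pack(">QQ", seq, i), hashlib.sha256).digest()
                      for i in range(len(data) // 32 + 1))
        return bytes(a ^ b for a, b in zip(data, ks))

    def seal(self, plaintext: bytes) -> bytes:
        if not self.open:
            raise TunnelClosed("tunnel not established")
        body = struct.pack(">Q", self.send_seq) + self._xor_stream(self.send_enc, self.send_seq, plaintext)
        self.send_seq += 1
        return body + hmac.new(self.send_mac, body, hashlib.sha256).digest()

    def unseal(self, record: bytes) -> bytes:
        if not self.open:
            raise TunnelClosed("tunnel not established")
        try:
            if len(record) < 8 + 32:
                raise TunnelClosed("truncated record")
            body, tag = record[:-32], record[-32:]
            if not hmac.compare_digest(hmac.new(self.recv_mac, body, hashlib.sha256).digest(), tag):
                raise TunnelClosed("MAC mismatch: record altered")
            seq = struct.unpack(">Q", body[:8])[0]
            if seq != self.recv_seq:  # replayed, reordered or dropped record
                raise TunnelClosed(f"sequence {seq}, expected {self.recv_seq}")
            self.recv_seq += 1
            return self._xor_stream(self.recv_enc, seq, body[8:])
        except TunnelClosed:
            self.open = False  # any detected tampering terminates the connection
            raise


def establish(client: Endpoint, hsm: Endpoint) -> None:
    cn, hn = client.hello(), hsm.hello()
    cp, hp = client.prove(hn), hsm.prove(cn)
    hsm.verify_and_derive("client", cp)  # HSM authenticates the client ...
    client.verify_and_derive("hsm", hp)  # ... and the client authenticates the HSM


def mutual_auth_holds(client_secret: bytes, hsm_secret: bytes) -> bool:
    try:
        establish(Endpoint("client", client_secret), Endpoint("hsm", hsm_secret))
        return True
    except TunnelClosed:
        return False


def roundtrip(command: bytes) -> bytes:
    """Constructed command from client to HSM over a fresh tunnel; returns what the HSM reads."""
    secret = os.urandom(32)
    client, hsm = Endpoint("client", secret), Endpoint("hsm", secret)
    establish(client, hsm)
    return hsm.unseal(client.seal(command))


def attack_detected(mutate) -> bool:
    """Pass three constructed commands through `mutate` (an on-path attacker);
    True if the HSM rejects the stream and closes the tunnel."""
    secret = os.urandom(32)
    client, hsm = Endpoint("client", secret), Endpoint("hsm", secret)
    establish(client, hsm)
    records = [client.seal(b"constructed command %d" % i) for i in range(3)]
    try:
        for r in mutate(records):
            hsm.unseal(r)
    except TunnelClosed:
        return not hsm.open
    return False
```

The check ordering in `unseal` is deliberate: the tag is verified before the sequence number or ciphertext is touched, so a forged record never influences the receiver's state, and a failed check both raises and flips `open` to False, which is the "immediate termination" behaviour the text describes. For example, `attack_detected(lambda rs: [rs[0], rs[2]])` (a dropped record) and `attack_detected(lambda rs: [rs[0], rs[0], rs[1]])` (a replay) both return True, while an unmodified stream returns False.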

NTLS must be set up before you use STC.

Comparing NTLS and STC

NTLS

>Consistent high performance

>Does not encrypt data between network interface and HSM

>Not recommended for use with public networks

STC

>Exceptionally secure and safe to use with public networks

>Encrypts data between network interface and HSM

>Customizable parameters

>Performance depends on parameters set

For detailed instructions on setting up NTLS or STC, see the Administration Guide.