Secure Transport Mode

Luna HSM 7 units are shipped from the factory in Secure Transport Mode (STM). The purpose of STM is to provide a logical check on the HSM firmware and critical security parameters (such as configuration, keys, policies, roles, etc.) so that the authorized recipient can determine if these have been altered while the HSM was in transit.

The Secure Transport Mode capability provides an additional layer of protection beyond the physical security controls provided by tamper-evident shipping bags.

Thales sends customers control validation information in two separate emails prior to shipment:

>Physical security control validation - an email containing the serial number of the HSM and the serial number of the associated tamper evident bag that encloses the HSM.

>Logical control validation - an email containing the serial number of each HSM in the shipment, along with the STM Random User String and the STM Verification String associated with each HSM.

Customers can use the logical and physical HSM controls to verify that HSMs shipped from the factory have not been modified in transit. The Thales shipping procedures are designed to prevent a possible man-in-the-middle attack, as attackers would need unobserved direct access to the HSM while in transit, along with simultaneous possession of both the STM Random User String and the STM Verification String for that HSM.

Thales customers can also implement STM when shipping pre-configured HSMs between their office locations or when pre-configured HSMs are to be put into storage. Customers implementing STM have added protection because only the HSM Security Officer can place an initialized HSM into STM, or recover the HSM from STM, further increasing the difficulty of man-in-the-middle attacks.

How does Secure Transport Mode work?

When STM is enabled on the HSM (either at the factory or by customer)

>The HSM generates a random string of 16 characters and presents that as the "Random User String" (suitable for copying and pasting into an e-mail).

>The HSM gathers several sources of internal information reflecting the state of the HSM at that time, including a random nonce value generated for this purpose; the nonce value is not displayed, and never exists outside the HSM.

>The HSM combines these items (the generated Random User String, the HSM state information, and  the random nonce value), and produces the "Verification String" (suitable for copying and pasting into an e-mail).

>The HSM then enters Secure Transport Mode, such that only limited operations are allowed until the HSM is brought out of STM.

>The HSM can now be shipped from the factory to customers, or customers can place the HSM into storage or ship securely to another location.
The HSM and the STM strings should not come together until they are in the possession of the intended recipient.

CAUTION!   PRE-REQUISITE - Before issuing a command for a multi-factor authenticated (PED-auth) HSM to enter Secure Transport Mode, ensure that all roles for the HSM are deactivated, using role deactivate with each role name.

For Network HSMs, roles must be deactivated for all partitions, from LunaCM in a connected client.

Failure to do so can result in mismatch when the generated strings are later compared during Secure Transport Mode recovery.  

When you recover an HSM from STM:

>The HSM asks for the Random User String (which you received in an e-mail or by other means).  

>The HSM gathers the same sources of internal information and combines those with the Random User String that you just provided, and outputs a Verification String.

CAUTION!   PRE-REQUISITE - Before invoking the stm recover command, be very careful entering the SO authentication.

A single failed attempt increments a counter that results in a change of the generated comparison string, which will cause STM verification to fail during Secure Transport Mode recovery.  

>Visually compare the newly output Verification String with the original Verification String that was sent via e-mail (or other means).

If the original and the newly generated Verification Strings match, then the HSM has not been used or otherwise altered since STM was enabled.

If the original and the newly generated Verification Strings fail to match, then there might be a problem with the Random User String - such as an error in the string that was sent, or else an incorrect random user string was entered, or the HSM has been altered somewhere between the original sender and you.

>If the HSM has not been altered (original and new Verification Strings match), then you can proceed to recovering the HSM from STM.

>If the HSM might have been altered (original and new Verification Strings are different), then type "quit" at the prompt, and run the stm recover command again, to ensure that nothing was incorrectly entered on the first attempt.

>If the Verification strings still do not match:

type "quit" to leave the HSM in STM, and contact Thales Technical Support for further guidance, or

if you feel that the Verification failure was benign, type "proceed" to release the HSM from Secure Transport Mode, and decide whether
-- you wish to proceed with using the HSM
or, instead,
-- you wish to perform factory reset and re-initialize the HSM as a safety precaution before proceeding further.

STM verification email

As part of the delivery process for your new HSM, Thales Client Services will send you an email containing two 16-digit strings: a Random User String and a Verification String. You require these strings to verify that your HSM has not been altered while in transit.

NOTE   If the STM verification process fails due to a lost or incorrect verification string, customers do have the option of proceeding with the recovery of the HSM from STM mode. If the STM verification process fails due to a tamper, customers can also choose to factory-reset the HSM to bring it back to a Factory state, and then re-initialize.

See the two " CAUTION PRE-REQUISITE " items above in order to avoid inadvertently causing a spurious STM recovery failure that would mask whether a real event had occurred.   

For information about the various tamper events, see Tamper Events.

Recovering an HSM From Secure Transport Mode

Only the HSM SO can recover an initialized HSM that has been placed into STM. When the HSM is zeroized, HSM SO log in is not required.

New HSMs

New HSMs are shipped from the factory in Secure Transport Mode (STM). You must recover from STM before you can initialize the HSM.

As part of the delivery of your new HSM, you should have received an email from Thales Client Services containing two 16-digit strings:

>Random User String: XXXX-XXXX-XXXX-XXXX

>Verification String: XXXX-XXXX-XXXX-XXXX

To recover an HSM from STM

1.Ensure that you have the two strings that were presented when the HSM was placed into STM, or that were emailed to you if this is a new HSM.

2.If the HSM is initialized, log in as the HSM SO (see Logging In as HSM Security Officer). If this is a new or zeroized HSM, skip to the next step.

3.Recover from STM, specifying the random user string that was displayed when the HSM was placed in STM, or that was emailed to you if this is a new HSM:

lunacm:> stm recover -randomuserstring <XXXX-XXXX-XXXX-XXXX>

NOTE   The random user string is for verification purposes only. If you do not require STM validation, or you wish to bypass the STM validation, you can enter a different string to proceed with the recovery of the HSM from STM mode.

4.You are presented with a verification string:

If the verification string matches the original verification string, the HSM has not been altered or tampered, and can be safely re-deployed.

Enter proceed to recover from STM.

If the verification string does not match the original verification string, this might indicate that the HSM has been altered while in transit, or that an incorrect random user string has been entered.

If the verification strings do not match

1.Reconfirm that you have entered the correct random user string for your HSM.

2.If the verification strings still do not match:

If this is a new HSM, enter quit to leave the HSM in Secure Transport Mode, and contact Thales Technical Support.

Otherwise,

If you feel that the Verification failure was benign, enter proceed to release the HSM from Secure Transport Mode, and decide to either:

proceed with using the HSM

perform a factory reset and re-initialize the HSM as a safety precaution before proceeding further.

Placing an HSM Into Secure Transport Mode

Only the HSM SO can place an initialized HSM into STM. When the HSM is zeroized, HSM SO log in is not required.

CAUTION!   If the HSM contains sensitive key material, ensure that you have a full backup of the HSM contents before proceeding.

To place an HSM into Secure Transport Mode

1.Log in as the HSM SO (see Logging In as HSM Security Officer).

2.Backup the contents of all application partitions.

See Backup and Restore Using a Luna Backup HSM (G5) or Backup and Restore Using a Luna Backup HSM (G7) for details.

3.Enter the following command to place the HSM into STM:

lunacm:> stm transport

4.After confirming the action, you are presented with:

Verification String: <XXXX-XXXX-XXXX-XXXX>

Random User String: <XXXX-XXXX-XXXX-XXXX>

Record both strings. They are required to verify that the HSM has not been altered while in STM.

CAUTION!   Transmit the verification string and random user string to the receiver of the HSM using a secure method, distinct from the transport of the physical HSM, so that it is not possible for an attacker to have access to both the HSM and the verification codes while the HSM is in STM.

This product uses semiconductors that can be damaged by electro-static discharge (ESD). When handling the device, avoid contact with exposed components, and always use an anti-static wrist strap connected to an earth ground. In rare cases, ESD can trigger a tamper or decommission event on the HSM. If this happens, all existing roles and cryptographic objects are deleted.